Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8text‹\label{PLM: 9}›
9
10(* constrain sledgehammer to the abstraction layer *)
11unbundle AOT_no_atp
12
13subsection‹Primitive Rule of PLM: Modus Ponens›
14text‹\label{PLM: 9.1}›
15
16AOT_theorem "modus-ponens":
17  assumes φ and φ  ψ
18  shows ψ
19  (* NOTE: semantics needed *)
20  using assms by (simp add: AOT_sem_imp)
21lemmas MP = "modus-ponens"
22
23subsection‹(Modally Strict) Proofs and Derivations›
24text‹\label{PLM: 9.2}›
25
26AOT_theorem "non-con-thm-thm":
27  assumes  φ
28  shows  φ
29  using assms by simp
30
31AOT_theorem "vdash-properties:1[1]":
32  assumes φ  Λ
33  shows  φ
34  (* NOTE: semantics needed *)
35  using assms unfolding AOT_model_act_axiom_def by blast
36
37text‹Convenience attribute for instantiating modally-fragile axioms.›
38attribute_setup act_axiom_inst =
39  ‹Scan.succeed (Thm.rule_attribute []
40    (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
41  "Instantiate modally fragile axiom as modally fragile theorem."
42
43AOT_theorem "vdash-properties:1[2]":
44  assumes φ  Λ
45  shows  φ
46  (* NOTE: semantics needed *)
47  using assms unfolding AOT_model_axiom_def by blast
48
49text‹Convenience attribute for instantiating modally-strict axioms.›
50attribute_setup axiom_inst =
51  ‹Scan.succeed (Thm.rule_attribute []
52    (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
53  "Instantiate axiom as theorem."
54
55text‹Convenience methods and theorem sets for applying "cqt:2".›
56method cqt_2_lambda_inst_prover =
57  (fast intro: AOT_instance_of_cqt_2_intro)
58method "cqt:2[lambda]" =
59  (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
60lemmas "cqt:2" =
61  "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst]
62  AOT_instance_of_cqt_2_intro
63method "cqt:2" = (safe intro!: "cqt:2")
64
65AOT_theorem "vdash-properties:3":
66  assumes  φ
67  shows Γ  φ
68  using assms by blast
69
70AOT_theorem "vdash-properties:5":
71  assumes Γ1  φ and Γ2  φ  ψ
72  shows Γ1, Γ2  ψ
73  using MP assms by blast
74
75AOT_theorem "vdash-properties:6":
76  assumes φ and φ  ψ
77  shows ψ
78  using MP assms by blast
79
80AOT_theorem "vdash-properties:8":
81  assumes Γ  φ and φ  ψ
82  shows Γ  ψ
83  using assms by argo
84
85AOT_theorem "vdash-properties:9":
86  assumes φ
87  shows ψ  φ
88  using MP "pl:1"[axiom_inst] assms by blast
89
90AOT_theorem "vdash-properties:10":
91  assumes φ  ψ and φ
92  shows ψ
93  using MP assms by blast
94lemmas "→E" = "vdash-properties:10"
95
96subsection‹Two Fundamental Metarules: GEN and RN›
97text‹\label{PLM: 9.3}›
98
99AOT_theorem "rule-gen":
100  assumes for arbitrary α: φ{α}
101  shows α φ{α}
102  (* NOTE: semantics needed *)
103  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall)
104lemmas GEN = "rule-gen"
105
106AOT_theorem "RN[prem]":
107  assumes Γ  φ
108  shows Γ  φ
109  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
110AOT_theorem RN:
111  assumes  φ
112  shows φ
113  using "RN[prem]" assms by blast
114
115subsection‹The Inferential Role of Definitions›
116text‹\label{PLM: 9.4}›
117
118AOT_axiom "df-rules-formulas[1]":
119  assumes φ df ψ
120  shows φ  ψ
121  (* NOTE: semantics needed *)
122  using assms
123  by (auto simp: assms AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
124AOT_axiom "df-rules-formulas[2]":
125  assumes φ df ψ
126  shows ψ  φ
127  (* NOTE: semantics needed *)
128  using assms
129  by (auto simp: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
130(* NOTE: for convenience also state the above as regular theorems *)
131AOT_theorem "df-rules-formulas[3]":
132  assumes φ df ψ
133  shows φ  ψ
134  using "df-rules-formulas[1]"[axiom_inst, OF assms].
135AOT_theorem "df-rules-formulas[4]":
136  assumes φ df ψ
137  shows ψ  φ
138  using "df-rules-formulas[2]"[axiom_inst, OF assms].
139
140
141AOT_axiom "df-rules-terms[1]":
142  assumes τ{α1...αn} =df σ{α1...αn}
143  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
144         (¬σ{τ1...τn}  ¬τ{τ1...τn})
145  (* NOTE: semantics needed *)
146  using assms
147  by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq
148                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
149AOT_axiom "df-rules-terms[2]":
150  assumes τ =df σ
151  shows (σ  τ = σ) & (¬σ  ¬τ)
152  by (metis "df-rules-terms[1]" case_unit_Unity assms)
153(* NOTE: for convenience also state the above as regular theorems *)
154AOT_theorem "df-rules-terms[3]":
155  assumes τ{α1...αn} =df σ{α1...αn}
156  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
157         (¬σ{τ1...τn}  ¬τ{τ1...τn})
158  using "df-rules-terms[1]"[axiom_inst, OF assms].
159AOT_theorem "df-rules-terms[4]":
160  assumes τ =df σ
161  shows (σ  τ = σ) & (¬σ  ¬τ)
162  using "df-rules-terms[2]"[axiom_inst, OF assms].
163
164subsection‹The Theory of Negations and Conditionals›
165text‹\label{PLM: 9.5}›
166
167AOT_theorem "if-p-then-p": φ  φ
168  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
169
170AOT_theorem "deduction-theorem":
171  assumes φ  ψ
172  shows φ  ψ
173  (* NOTE: semantics needed *)
174  using assms by (simp add: AOT_sem_imp)
175lemmas CP = "deduction-theorem"
176lemmas "→I" = "deduction-theorem"
177
178AOT_theorem "ded-thm-cor:1":
179  assumes Γ1  φ  ψ and Γ2  ψ  χ
180  shows Γ1, Γ2  φ  χ
181  using "→E" "→I" assms by blast
182AOT_theorem "ded-thm-cor:2":
183  assumes Γ1  φ  (ψ  χ) and Γ2  ψ
184  shows Γ1, Γ2  φ  χ
185  using "→E" "→I" assms by blast
186
187AOT_theorem "ded-thm-cor:3":
188  assumes φ  ψ and ψ  χ
189  shows φ  χ
190  using "→E" "→I" assms by blast
191declare "ded-thm-cor:3"[trans]
192AOT_theorem "ded-thm-cor:4":
193  assumes φ  (ψ  χ) and ψ
194  shows φ  χ
195  using "→E" "→I" assms by blast
196
197lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
198
199AOT_theorem "useful-tautologies:1": ¬¬φ  φ
200  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
201AOT_theorem "useful-tautologies:2": φ  ¬¬φ
202  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
203AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
204  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
205AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
206  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
207AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
208  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
209
210AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
211  by (metis "→I" MP "useful-tautologies:4")
212
213AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
214  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
215
216AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
217  by (metis "→I" MP "useful-tautologies:5")
218
219AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
220  by (metis "→I" MP "useful-tautologies:6")
221
222AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
223  by (metis "→I" MP "pl:3"[axiom_inst])
224
225AOT_theorem "dn-i-e:1":
226  assumes φ
227  shows ¬¬φ
228  using MP "useful-tautologies:2" assms by blast
229lemmas "¬¬I" = "dn-i-e:1"
230AOT_theorem "dn-i-e:2":
231  assumes ¬¬φ
232  shows φ
233  using MP "useful-tautologies:1" assms by blast
234lemmas "¬¬E" = "dn-i-e:2"
235
236AOT_theorem "modus-tollens:1":
237  assumes φ  ψ and ¬ψ
238  shows ¬φ
239  using MP "useful-tautologies:5" assms by blast
240AOT_theorem "modus-tollens:2":
241  assumes φ  ¬ψ and ψ
242  shows ¬φ
243  using "¬¬I" "modus-tollens:1" assms by blast
244lemmas MT = "modus-tollens:1" "modus-tollens:2"
245
246AOT_theorem "contraposition:1[1]":
247  assumes φ  ψ
248  shows ¬ψ  ¬φ
249  using "→I" MT(1) assms by blast
250AOT_theorem "contraposition:1[2]":
251  assumes ¬ψ  ¬φ
252  shows φ  ψ
253  using "→I" "¬¬E" MT(2) assms by blast
254
255AOT_theorem "contraposition:2":
256  assumes φ  ¬ψ
257  shows ψ  ¬φ
258  using "→I" MT(2) assms by blast
259
260(* TODO: this is actually a mixture of the two variants given in PLM. *)
261AOT_theorem "reductio-aa:1":
262  assumes ¬φ  ¬ψ and ¬φ  ψ
263  shows φ
264  using "→I" "¬¬E" MT(2) assms by blast
265AOT_theorem "reductio-aa:2":
266  assumes φ  ¬ψ and φ  ψ
267  shows ¬φ
268  using "reductio-aa:1" assms by blast
269lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
270
271AOT_theorem "exc-mid": φ  ¬φ
272  using "df-rules-formulas[4]" "if-p-then-p" MP
273        "conventions:2" by blast
274
275AOT_theorem "non-contradiction": ¬(φ & ¬φ)
276  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2"
277        "conventions:1" by blast
278
279AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
280  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
281AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
282  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2)
283            "¬¬E" "conventions:1")
284lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
285
286AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
287  by (meson "contraposition:1[2]" "df-rules-formulas[4]"
288            MP "→I" "conventions:2")
289AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
290  using "Hypothetical Syllogism" "df-rules-formulas[4]"
291        "pl:1"[axiom_inst] "conventions:2" by blast
292lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
293
294AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
295  by (metis "contraposition:2" "Hypothetical Syllogism" "→I"
296            "df-rules-formulas[4]" "conventions:1")
297lemmas Adjunction = "con-dis-taut:5"
298
299AOT_theorem "con-dis-taut:6": (φ & φ)  φ
300  by (metis Adjunction "→I" "df-rules-formulas[4]" MP
301            "Conjunction Simplification"(1) "conventions:3")
302lemmas "Idempotence of &" = "con-dis-taut:6"
303
304AOT_theorem "con-dis-taut:7": (φ  φ)  φ
305proof -
306  {
307    AOT_assume φ  φ
308    AOT_hence ¬φ  φ
309      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
310    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
311  }
312  moreover {
313    AOT_assume φ
314    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
315  }
316  ultimately AOT_show (φ  φ)  φ
317    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
318    by (metis Adjunction "→I")
319qed
320lemmas "Idempotence of ∨" = "con-dis-taut:7"
321
322
323AOT_theorem "con-dis-i-e:1":
324  assumes φ and ψ
325  shows φ & ψ
326  using Adjunction MP assms by blast
327lemmas "&I" = "con-dis-i-e:1"
328
329AOT_theorem "con-dis-i-e:2:a":
330  assumes φ & ψ
331  shows φ
332  using "Conjunction Simplification"(1) MP assms by blast
333AOT_theorem "con-dis-i-e:2:b":
334  assumes φ & ψ
335  shows ψ
336  using "Conjunction Simplification"(2) MP assms by blast
337lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
338
339AOT_theorem "con-dis-i-e:3:a":
340  assumes φ
341  shows φ  ψ
342  using "Disjunction Addition"(1) MP assms by blast
343AOT_theorem "con-dis-i-e:3:b":
344  assumes ψ
345  shows φ  ψ
346  using "Disjunction Addition"(2) MP assms by blast
347AOT_theorem "con-dis-i-e:3:c":
348  assumes φ  ψ and φ  χ and ψ  Θ
349  shows χ  Θ
350  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2)
351            "df-rules-formulas[3]" MT(1) RAA(1)
352            "conventions:2" assms)
353lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
354
355AOT_theorem "con-dis-i-e:4:a":
356  assumes φ  ψ and φ  χ and ψ  χ
357  shows χ
358  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
359AOT_theorem "con-dis-i-e:4:b":
360  assumes φ  ψ and ¬φ
361  shows ψ
362  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
363AOT_theorem "con-dis-i-e:4:c":
364  assumes φ  ψ and ¬ψ
365  shows φ
366  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
367lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
368
369AOT_theorem "raa-cor:1":
370  assumes ¬φ  ψ & ¬ψ
371  shows φ
372  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
373AOT_theorem "raa-cor:2":
374  assumes φ  ψ & ¬ψ
375  shows ¬φ
376  using "raa-cor:1" assms by blast
377AOT_theorem "raa-cor:3":
378  assumes φ and ¬ψ  ¬φ
379  shows ψ
380  using RAA assms by blast
381AOT_theorem "raa-cor:4":
382  assumes ¬φ and ¬ψ  φ
383  shows ψ
384  using RAA assms by blast
385AOT_theorem "raa-cor:5":
386  assumes φ and ψ  ¬φ
387  shows ¬ψ
388  using RAA assms by blast
389AOT_theorem "raa-cor:6":
390  assumes ¬φ and ψ  φ
391  shows ¬ψ
392  using RAA assms by blast
393
394(* TODO: note these need manual introduction rules *)
395AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
396  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
397     (metis "&E" "&I" "raa-cor:3" "→I" MP)
398AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
399  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
400     (metis "&E" "&I" "raa-cor:3" "→I" MP)
401AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
402  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
403     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
404
405AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
406  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
407     (meson "&I" "&E" "→I")
408lemmas "Commutativity of &" = "oth-class-taut:2:a"
409AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
410  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
411     (metis "&I" "&E" "→I")
412lemmas "Associativity of &" = "oth-class-taut:2:b"
413AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
414  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
415     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
416lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
417AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
418  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
419     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
420lemmas "Associativity of ∨" = "oth-class-taut:2:d"
421AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
422  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
423      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E"
424            "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
425lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
426AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
427  using "conventions:3"[THEN "df-rules-formulas[4]"]
428        "conventions:3"[THEN "df-rules-formulas[3]"]
429        "→I" "→E" "&E" "&I"
430  by metis
431lemmas "Associativity of ≡" = "oth-class-taut:2:f"
432
433AOT_theorem "oth-class-taut:3:a": φ  φ
434  using "&I" "vdash-properties:6" "if-p-then-p"
435        "df-rules-formulas[4]" "conventions:3" by blast
436AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
437  using "&I" "useful-tautologies:1" "useful-tautologies:2" "→E"
438        "df-rules-formulas[4]" "conventions:3" by blast
439AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
440  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
441
442AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
443  by (metis "→E" "→I")
444AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
445  using "conventions:3"[THEN "df-rules-formulas[4]"]
446        "conventions:3"[THEN "df-rules-formulas[3]"]
447        "→I" "→E" "&E" "&I" RAA by metis
448AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
449  using "conventions:3"[THEN "df-rules-formulas[4]"]
450        "conventions:3"[THEN "df-rules-formulas[3]"]
451        "→I" "→E" "&E" "&I" by metis
452AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
453  using "conventions:3"[THEN "df-rules-formulas[4]"]
454        "conventions:3"[THEN "df-rules-formulas[3]"]
455        "→I" "→E" "&E" "&I" by metis
456AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
457  using "conventions:3"[THEN "df-rules-formulas[4]"]
458        "conventions:3"[THEN "df-rules-formulas[3]"]
459        "→I" "→E" "&E" "&I" by metis
460AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
461  using "conventions:3"[THEN "df-rules-formulas[4]"]
462        "conventions:3"[THEN "df-rules-formulas[3]"]
463        "→I" "→E" "&E" "&I" by metis
464AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
465proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
466                   "&I" "→I"
467           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
468  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
469    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
470next
471  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
472    using that "∨E" "&E" "raa-cor:3" by blast
473next
474  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
475    using that "∨E" "&E" "raa-cor:3" by blast
476qed
477AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
478proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
479                    "&I" "→I")
480  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
481    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]"
482              "raa-cor:3" "conventions:3")
483next
484  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
485    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]"
486              "raa-cor:3" "conventions:3")
487qed
488AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
489  using "conventions:3"[THEN "df-rules-formulas[4]"]
490        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
491AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
492  using "conventions:3"[THEN "df-rules-formulas[4]"]
493        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
494AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
495  using "conventions:3"[THEN "df-rules-formulas[4]"]
496        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
497AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
498  using "conventions:3"[THEN "df-rules-formulas[4]"]
499        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
500
501lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
502
503AOT_theorem "oth-class-taut:6:a":
504  (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
505  using "conventions:3"[THEN "df-rules-formulas[4]"]
506        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
507AOT_theorem "oth-class-taut:6:b":
508  (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
509  using "conventions:3"[THEN "df-rules-formulas[4]"]
510        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
511
512AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
513  by (metis "&I" "→E" "→I")
514lemmas Exportation = "oth-class-taut:7:a"
515AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
516  by (metis "&E" "→E" "→I")
517lemmas Importation = "oth-class-taut:7:b"
518
519AOT_theorem "oth-class-taut:8:a":
520  (φ  (ψ  χ))  (ψ  (φ  χ))
521  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I"
522  by metis
523lemmas Permutation = "oth-class-taut:8:a"
524AOT_theorem "oth-class-taut:8:b":
525  (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
526  by (metis "&I" "→E" "→I")
527lemmas Composition = "oth-class-taut:8:b"
528AOT_theorem "oth-class-taut:8:c":
529  (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
530  by (metis "∨E"(2) "→E" "→I" RAA(1))
531AOT_theorem "oth-class-taut:8:d":
532  ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
533  by (metis "&E" "&I" "→E" "→I")
534lemmas "Double Composition" = "oth-class-taut:8:d"
535AOT_theorem "oth-class-taut:8:e":
536  ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
537  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
538            "conventions:3"[THEN "df-rules-formulas[3]"]
539            "→I" "→E" "&E" "&I")
540AOT_theorem "oth-class-taut:8:f":
541  ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
542  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
543            "conventions:3"[THEN "df-rules-formulas[3]"]
544            "→I" "→E" "&E" "&I")
545AOT_theorem "oth-class-taut:8:g":
546  (ψ  χ)  ((φ  ψ)  (φ  χ))
547  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
548            "conventions:3"[THEN "df-rules-formulas[3]"]
549            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
550AOT_theorem "oth-class-taut:8:h":
551  (ψ  χ)  ((ψ  φ)  (χ  φ))
552  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
553            "conventions:3"[THEN "df-rules-formulas[3]"]
554            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
555AOT_theorem "oth-class-taut:8:i":
556  (φ  (ψ & χ))  (ψ  (φ  χ))
557  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
558            "conventions:3"[THEN "df-rules-formulas[3]"]
559            "→I" "→E" "&E" "&I")
560
561AOT_theorem "intro-elim:1":
562  assumes φ  ψ and φ  χ and ψ  Θ
563  shows χ  Θ
564  by (metis assms "∨I"(1, 2) "∨E"(1) "→I" "→E" "&E"(1)
565            "conventions:3"[THEN "df-rules-formulas[3]"])
566
567AOT_theorem "intro-elim:2":
568  assumes φ  ψ and ψ  φ
569  shows φ  ψ
570  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
571lemmas "≡I" = "intro-elim:2"
572
573AOT_theorem "intro-elim:3:a":
574  assumes φ  ψ and φ
575  shows ψ
576  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
577AOT_theorem "intro-elim:3:b":
578  assumes φ  ψ and ψ
579  shows φ
580  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
581AOT_theorem "intro-elim:3:c":
582  assumes φ  ψ and ¬φ
583  shows ¬ψ
584  using "intro-elim:3:b" "raa-cor:3" assms by blast
585AOT_theorem "intro-elim:3:d":
586  assumes φ  ψ and ¬ψ
587  shows ¬φ
588  using "intro-elim:3:a" "raa-cor:3" assms by blast
589AOT_theorem "intro-elim:3:e":
590  assumes φ  ψ and ψ  χ
591  shows φ  χ
592  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
593declare "intro-elim:3:e"[trans]
594AOT_theorem "intro-elim:3:f":
595  assumes φ  ψ and φ  χ
596  shows χ  ψ
597  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
598lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c"
599              "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
600
601declare "Commutativity of ≡"[THEN "≡E"(1), sym]
602
603AOT_theorem "rule-eq-df:1":
604  assumes φ df ψ
605  shows φ  ψ
606  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
607lemmas "≡Df" = "rule-eq-df:1"
608AOT_theorem "rule-eq-df:2":
609  assumes φ df ψ and φ
610  shows ψ
611  using "≡Df" "≡E"(1) assms by blast
612lemmas "≡dfE" = "rule-eq-df:2"
613AOT_theorem "rule-eq-df:3":
614  assumes φ df ψ and ψ
615  shows φ
616  using "≡Df" "≡E"(2) assms by blast
617lemmas "≡dfI" = "rule-eq-df:3"
618
619AOT_theorem  "df-simplify:1":
620  assumes φ  (ψ & χ) and ψ
621  shows φ  χ
622  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
623(* TODO: this is a slight variation from PLM *)
624AOT_theorem  "df-simplify:2":
625  assumes φ  (ψ & χ) and χ
626  shows φ  ψ
627  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
628lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
629
630subsection‹The Theory of Quantification›
631text‹\label{PLM: 9.6}›
632
633AOT_theorem "rule-ui:1":
634  assumes α φ{α} and τ
635  shows φ{τ}
636  using "→E" "cqt:1"[axiom_inst] assms by blast
637AOT_theorem "rule-ui:2[const_var]":
638  assumes α φ{α}
639  shows φ{β}
640  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
641(* TODO: precise proviso in PLM *)
642AOT_theorem "rule-ui:2[lambda]":
643  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
644  shows φ{ν1...νn ψ{ν1...νn}]}
645  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
646AOT_theorem "rule-ui:3":
647  assumes α φ{α}
648  shows φ{α}
649  by (simp add: "rule-ui:2[const_var]" assms)
650lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]"
651              "rule-ui:2[lambda]" "rule-ui:3"
652
653AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β}
654  by (simp add: "∀E"(2) "→I")
655AOT_theorem "cqt-orig:1[lambda]":
656  assumes INSTANCE_OF_CQT_2(ψ)
657  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
658  by (simp add: "∀E"(3) "→I" assms)
659AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
660  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
661AOT_theorem "cqt-orig:3": α φ{α}  φ{α}
662  using "cqt-orig:1[const_var]".
663
664(* TODO: work out difference to GEN *)
665AOT_theorem universal:
666  assumes for arbitrary β: φ{β}
667  shows α φ{α}
668  using GEN assms .
669lemmas "∀I" = universal
670
671(* Generalized mechanism for "∀I" followed by ∀E *)
672ML673fun get_instantiated_allI ctxt varname thm = let
674val trm = Thm.concl_of thm
675val trm =
676  case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
677  | _ => raise Term.TERM ("Expected simple theorem.", [trm])
678fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
679    (* TODO: care about the index? *)
680    (if fst (fst v) = fst varname then [Var v] else [])
681  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
682  | extractVars (Abs (_, _, t)) = extractVars t
683  | extractVars _ = []
684val vars = extractVars trm
685val vars = fold Term.add_vars vars []
686val var = hd vars
687val trmty =
688  case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
689  | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
690val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
691      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
692       $ Var var, trm))
693val trm = Thm.cterm_of (Context.proof_of ctxt) trm
694val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
695val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
696val allthm = Drule.instantiate_normalize ([(ty, typ)],[]) @{thm "∀I"}
697val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
698val allthm = Drule.instantiate_normalize ([],[(phi,trm)]) allthm
699in
700allthm
701end
702
703
704attribute_setup "∀I" =
705  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
706  (fn ctxt => fn thm => fold (fn arg => fn thm =>
707    thm RS get_instantiated_allI ctxt arg thm) args thm))
708  "Quantify over a variable in a theorem using GEN."
709
710attribute_setup "unvarify" =
711  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
712  (fn ctxt => fn thm =>
713    let
714      fun get_inst_allI arg thm = thm RS get_instantiated_allI ctxt arg thm
715      val thm = fold get_inst_allI args thm
716      val thm = fold (K (fn thm => thm RS @{thm "∀E"(1)})) args thm
717    in
718     thm
719    end))
720  "Generalize a statement about variables to a statement about denoting terms."
721
722(* TODO: rereplace-lem does not apply to the embedding *)
723
724AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
725  by (metis "≡I" "∀E"(2) "∀I" "→I")
726
727AOT_theorem "cqt-basic:2":
728  α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
729proof (rule "≡I"; rule "→I")
730  AOT_assume α(φ{α}  ψ{α})
731  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
732  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
733    using "≡E"(1,2) "→I" by blast+
734  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
735    by (auto intro: "&I" "∀I")
736next
737  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
738  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
739    using "∀E"(2) "&E" by blast+
740  AOT_hence φ{α}  ψ{α} for α
741    using "≡I" by blast
742  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
743qed
744
745AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
746proof(rule "→I")
747  AOT_assume α(φ{α}  ψ{α})
748  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
749  {
750    AOT_assume α φ{α}
751    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
752  }
753  moreover {
754    AOT_assume α ψ{α}
755    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
756  }
757  ultimately AOT_show α φ{α}  α ψ{α}
758    using "≡I" "→I" by auto
759qed
760
761AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
762proof(rule "→I")
763  AOT_assume 0: α(φ{α} & ψ{α})
764  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
765  AOT_thus α φ{α} & α ψ{α}
766    by (auto intro: "∀I" "&I")
767qed
768
769AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
770  using "cqt-orig:3" by blast
771
772AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
773  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
774
775AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
776  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
777
778AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
779  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
780
781AOT_theorem "cqt-basic:9":
782  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
783proof -
784  {
785    AOT_assume α (φ{α}  ψ{α})
786    moreover AOT_assume α (ψ{α}  χ{α})
787    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α
788      using "∀E" by blast+
789    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
790    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
791  }
792  thus ?thesis using "&I" "→I" "&E" by meson
793qed
794
795AOT_theorem "cqt-basic:10":
796  (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
797proof(rule "→I"; rule "∀I")
798  fix β
799  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
800  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
801  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
802qed
803
804AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
805proof (rule "≡I"; rule "→I")
806  AOT_assume 0: α(φ{α}  ψ{α})
807  {
808    fix α
809    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
810    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
811  }
812  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
813next
814  AOT_assume 0: α(ψ{α}  φ{α})
815  {
816    fix α
817    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
818    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
819  }
820  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
821qed
822
823AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
824  by (simp add: "∀E"(2) "→I" GEN)
825
826AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
827  using "≡I" "→I" by blast
828
829AOT_theorem "cqt-basic:14":
830  (α1...∀αn (φ{α1...αn}  ψ{α1...αn})) 
831   ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
832  using "cqt:3"[axiom_inst] by auto
833
834AOT_theorem "cqt-basic:15":
835  (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
836  using "cqt-orig:2" by auto
837
838(* TODO: indistinguishable from GEN in the embedding *)
839AOT_theorem "universal-cor":
840  assumes for arbitrary β: φ{β}
841  shows α φ{α}
842  using GEN assms .
843
844AOT_theorem "existential:1":
845  assumes φ{τ} and τ
846  shows α φ{α}
847proof(rule "raa-cor:1")
848  AOT_assume ¬α φ{α}
849  AOT_hence α ¬φ{α}
850    using "≡dfI" "conventions:4" RAA "&I" by blast
851  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
852  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
853qed
854
855AOT_theorem "existential:2[const_var]":
856  assumes φ{β}
857  shows α φ{α}
858  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
859
860AOT_theorem "existential:2[lambda]":
861  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
862  shows α φ{α}
863  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
864lemmas "∃I" = "existential:1" "existential:2[const_var]"
865              "existential:2[lambda]" 
866
867AOT_theorem "instantiation":
868  assumes for arbitrary β: φ{β}  ψ and α φ{α}
869  shows ψ
870  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
871lemmas "∃E" = "instantiation"
872
873AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
874  using "∀E"(4) "∃I"(2) "→I" by metis
875
876AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
877  using "∀I" "∃I"(2) "→I" RAA by metis
878
879AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
880  using "∀E"(4) "∃E" "→I" RAA
881  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
882
883AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
884  using "∀I" "∃I"(2)"→I" RAA by metis
885
886AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
887  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
888
889AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
890  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
891
892(* NOTE: vacuous in the embedding *)
893AOT_theorem "cqt-further:7": α φ{α}  β φ{β}
894  by (simp add: "oth-class-taut:3:a")
895
896AOT_theorem "cqt-further:8":
897  (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
898  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
899
900AOT_theorem "cqt-further:9":
901  (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
902  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
903
904AOT_theorem "cqt-further:10":
905  (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
906proof(rule "→I"; rule "raa-cor:2")
907  AOT_assume 0: α φ{α} & ¬α ψ{α}
908  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
909  moreover AOT_assume α (φ{α}  ψ{α})
910  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
911  AOT_hence α ψ{α} using "∃I" by blast
912  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
913qed
914
915AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
916  using "≡I" "→I" "∃I"(2) "∃E" by metis
917
918subsection‹Logical Existence, Identity, and Truth›
919text‹\label{PLM: 9.7}›
920
921AOT_theorem "log-prop-prop:1":  φ]
922  using "cqt:2[lambda0]"[axiom_inst] by auto
923
924AOT_theorem "log-prop-prop:2": φ
925  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
926
927AOT_theorem "exist-nec": τ  τ
928proof -
929  AOT_have β β
930    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
931  AOT_thus τ  τ
932    using "cqt:1"[axiom_inst] "→E" by blast
933qed
934
935(* TODO: replace this mechanism by a "proof by types" command *)
936class AOT_Term_id = AOT_Term +
937  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
938      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
939
940instance κ :: AOT_Term_id
941proof
942  AOT_modally_strict {
943    AOT_show κ = κ'  κ for κ κ'
944    proof(rule "→I")
945      AOT_assume κ = κ'
946      AOT_hence O!κ  A!κ
947        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
948           (meson "→I" "∨I"(1) "&E"(1))+
949      AOT_thus κ
950        by (rule "∨E"(1))
951           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
952    qed
953  }
954next
955  AOT_modally_strict {
956    AOT_show κ = κ'  κ' for κ κ'
957    proof(rule "→I")
958      AOT_assume κ = κ'
959      AOT_hence O!κ'  A!κ'
960        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
961           (meson "→I" "∨I" "&E")+
962      AOT_thus κ'
963        by (rule "∨E"(1))
964           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
965    qed
966  }
967qed
968
969instance rel :: (AOT_κs) AOT_Term_id
970proof
971  AOT_modally_strict {
972    AOT_show Π = Π'  Π for Π Π' :: <'a>
973    proof(rule "→I")
974      AOT_assume Π = Π'
975      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
976    qed
977  }
978next
979  AOT_modally_strict {
980    AOT_show Π = Π'  Π' for Π Π' :: <'a>
981    proof(rule "→I")
982      AOT_assume Π = Π'
983      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
984    qed
985  }
986qed
987
988instance 𝗈 :: AOT_Term_id
989proof
990  AOT_modally_strict {
991    fix φ ψ
992    AOT_show φ = ψ  φ
993    proof(rule "→I")
994      AOT_assume φ = ψ
995      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
996    qed
997  }
998next
999  AOT_modally_strict {
1000    fix φ ψ
1001    AOT_show φ = ψ  ψ
1002    proof(rule "→I")
1003      AOT_assume φ = ψ
1004      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
1005    qed
1006  }
1007qed
1008
1009instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
1010proof
1011  AOT_modally_strict {
1012    fix τ τ' :: 'a×'b
1013    AOT_show τ = τ'  τ
1014    proof (induct τ; induct τ'; rule "→I")
1015      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1016      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1017      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1018      AOT_hence τ1 and τ2
1019        using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
1020      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
1021    qed
1022  }
1023next
1024  AOT_modally_strict {
1025    fix τ τ' :: 'a×'b
1026    AOT_show τ = τ'  τ'
1027    proof (induct τ; induct τ'; rule "→I")
1028      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1029      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1030      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1031      AOT_hence τ1' and τ2'
1032        using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
1033      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
1034    qed
1035  }
1036qed
1037
1038(* This is the end of the "proof by types" and
1039   makes the results available on new theorems *)
1040AOT_register_type_constraints
1041  Term: _::AOT_Term_id› _::AOT_Term_id›
1042AOT_register_type_constraints
1043  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
1044AOT_register_type_constraints
1045  Relation: <_::{AOT_κs, AOT_Term_id}>
1046
1047AOT_theorem "id-rel-nec-equiv:1":
1048  Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1049proof(rule "→I")
1050  AOT_assume assumption: Π = Π'
1051  AOT_hence Π and Π'
1052    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1053  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn)) 
1054                                     x1...∀xn ([F]x1...xn  [G]x1...xn)))
1055    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1056  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1057                                   x1...∀xn ([Π]x1...xn  [Π']x1...xn))
1058    using "∀E"(1) by blast
1059  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1060             x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1061    using assumption "→E" by blast
1062  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
1063    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1064  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1065    using "→E" by blast
1066qed
1067
1068AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
1069proof(rule "→I")
1070  AOT_assume assumption: φ = ψ
1071  AOT_hence φ and ψ
1072    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1073  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
1074    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1075  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
1076    using "∀E"(1) by blast
1077  AOT_hence (φ  φ)  (φ  ψ)
1078    using assumption "→E" by blast
1079  moreover AOT_have (φ  φ)
1080    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1081  ultimately AOT_show (φ  ψ)
1082    using "→E" by blast
1083qed
1084
1085AOT_theorem "rule=E":
1086  assumes φ{τ} and τ = σ
1087  shows φ{σ}
1088proof -
1089  AOT_have τ and σ
1090    using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
1091  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
1092    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
1093  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
1094    using "∀E"(1) by blast
1095  AOT_thus φ{σ} using assms "→E" by blast
1096qed
1097
1098AOT_theorem "propositions-lemma:1":  φ] = φ
1099proof -
1100  AOT_have φ by (simp add: "log-prop-prop:2")
1101  moreover AOT_have p  p] = p
1102    using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
1103  ultimately AOT_show  φ] = φ
1104    using "∀E" by blast
1105qed
1106
1107AOT_theorem "propositions-lemma:2":  φ]  φ
1108proof -
1109  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
1110  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
1111qed
1112
1113(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
1114
1115AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
1116  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
1117
1118(* dr-alphabetic-rules does not apply *)
1119
1120AOT_theorem "oa-exist:1": O!
1121proof -
1122  AOT_have x [E!]x] by "cqt:2[lambda]"
1123  AOT_hence 1: O! = x [E!]x]
1124    using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
1125  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1126qed
1127
1128AOT_theorem "oa-exist:2": A!
1129proof -
1130  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
1131  AOT_hence 1: A! = x ¬[E!]x]
1132    using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
1133  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1134qed
1135
1136AOT_theorem "oa-exist:3": O!x  A!x
1137proof(rule "raa-cor:1")
1138  AOT_assume ¬(O!x  A!x)
1139  AOT_hence A: ¬O!x and B: ¬A!x
1140    using "Disjunction Addition"(1) "modus-tollens:1"
1141          "∨I"(2) "raa-cor:5" by blast+
1142  AOT_have C: O! = x [E!]x]
1143    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2"
1144  AOT_have D: A! = x ¬[E!]x]
1145    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2"
1146  AOT_have E: ¬x [E!]x]x
1147    using A C "rule=E" by fast
1148  AOT_have F: ¬x ¬[E!]x]x
1149    using B D "rule=E" by fast
1150  AOT_have G: x [E!]x]x  [E!]x
1151    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1152  AOT_have H: x ¬[E!]x]x  ¬[E!]x
1153    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1154  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
1155qed
1156
1157AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
1158proof -
1159  AOT_have F = G  F & G & x(x[F]  x[G])
1160    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]"
1161          "→E" "&E" "≡I" "→I" by blast
1162  moreover AOT_have F and G
1163    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1164  ultimately AOT_show F = G  x(x[F]  x[G])
1165    using "≡S"(1) "&I" by blast
1166qed
1167
1168AOT_theorem "p-identity-thm2:2[2]":
1169  F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1170proof -
1171  AOT_have F = G  F & G &
1172              y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1173    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1174          "→E" "&E" "≡I" "→I" by blast
1175  moreover AOT_have F and G
1176    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1177  ultimately show ?thesis
1178    using "≡S"(1) "&I" by blast
1179qed
1180    
1181AOT_theorem "p-identity-thm2:2[3]":
1182  F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] &
1183                  x [F]y1xy2] = x [G]y1xy2] &
1184                  x [F]y1y2x] = x [G]y1y2x])
1185proof -
1186  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] &
1187                                     x [F]y1xy2] = x [G]y1xy2] &
1188                                     x [F]y1y2x] = x [G]y1y2x])
1189    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1190          "→E" "&E" "≡I" "→I" by blast
1191  moreover AOT_have F and G
1192    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1193  ultimately show ?thesis
1194    using "≡S"(1) "&I" by blast
1195qed
1196
1197AOT_theorem "p-identity-thm2:2[4]":
1198  F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1199                     x [F]y1xy2y3] = x [G]y1xy2y3] &
1200                     x [F]y1y2xy3] = x [G]y1y2xy3] &
1201                     x [F]y1y2y3x] = x [G]y1y2y3x])
1202proof -
1203  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1204                                        x [F]y1xy2y3] = x [G]y1xy2y3] &
1205                                        x [F]y1y2xy3] = x [G]y1y2xy3] &
1206                                        x [F]y1y2y3x] = x [G]y1y2y3x])
1207    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1208          "→E" "&E" "≡I" "→I" by blast
1209  moreover AOT_have F and G
1210    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1211  ultimately show ?thesis
1212    using "≡S"(1) "&I" by blast
1213qed
1214
1215AOT_theorem "p-identity-thm2:2":
1216  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1217proof -
1218  AOT_have F = G  F & G &
1219              x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1220    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]"
1221          "→E" "&E" "≡I" "→I" by blast
1222  moreover AOT_have F and G
1223    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1224  ultimately show ?thesis
1225    using "≡S"(1) "&I" by blast
1226qed
1227
1228AOT_theorem "p-identity-thm2:3":
1229  p = q  x p] = x q]
1230proof -
1231  AOT_have p = q  p & q & x p] = x q]
1232    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]"
1233          "→E" "&E" "≡I" "→I" by blast
1234  moreover AOT_have p and q
1235    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1236  ultimately show ?thesis
1237    using "≡S"(1) "&I" by blast
1238qed
1239
1240class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
1241
1242instance κ :: AOT_Term_id_2
1243proof
1244  AOT_modally_strict {
1245    fix x
1246    {
1247      AOT_assume O!x
1248      moreover AOT_have F([F]x  [F]x)
1249        using RN GEN "oth-class-taut:3:a" by fast
1250      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
1251    }
1252    moreover {
1253      AOT_assume A!x
1254      moreover AOT_have F(x[F]  x[F])
1255        using RN GEN "oth-class-taut:3:a" by fast
1256      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
1257    }
1258    ultimately AOT_have (O!x & O!x & F([F]x  [F]x)) 
1259                         (A!x & A!x & F(x[F]  x[F]))
1260      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
1261    AOT_thus x = x
1262      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
1263  }
1264qed
1265
1266instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
1267proof
1268  AOT_modally_strict {
1269    fix F :: "<'a> AOT_var"
1270    AOT_have 0: x1...xn [F]x1...xn] = F
1271      by (simp add: "lambda-predicates:3"[axiom_inst])
1272    AOT_have x1...xn [F]x1...xn]
1273      by "cqt:2[lambda]"
1274    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1275      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1276    AOT_show F = F using "rule=E" 0 by force 
1277  }
1278qed
1279
1280instance 𝗈 :: AOT_Term_id_2
1281proof
1282  AOT_modally_strict {
1283    fix p
1284    AOT_have 0:  p] = p
1285      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1286    AOT_have  p]
1287      by (rule "cqt:2[lambda0]"[axiom_inst])
1288    AOT_hence  p] =  p]
1289      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1290    AOT_show p = p using "rule=E" 0 by force
1291  }
1292qed
1293
1294instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1295proof
1296  AOT_modally_strict {
1297    fix α :: ('a×'b) AOT_var›
1298    AOT_show α = α
1299    proof (induct)
1300      AOT_show τ = τ if τ for τ :: 'a×'b
1301        using that
1302      proof (induct τ)
1303        fix τ1 :: 'a and τ2 :: 'b
1304        AOT_assume «(τ1,τ2)»
1305        AOT_hence τ1 and τ2
1306          using "≡dfE" "&E" tuple_denotes by blast+
1307        AOT_hence τ1 = τ1 and τ2 = τ2
1308          using "id-eq:1"[unvarify α] by blast+
1309        AOT_thus «(τ1, τ2)» = «(τ1, τ2)»
1310          by (metis "≡dfI" "&I" tuple_identity_1)
1311      qed
1312    qed
1313  }
1314qed
1315
1316AOT_register_type_constraints
1317  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1318AOT_register_type_constraints
1319  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1320AOT_register_type_constraints
1321  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1322
1323(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1324AOT_theorem "id-eq:2": α = β  β = α
1325  by (meson "rule=E" "deduction-theorem")
1326
1327AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1328  using "rule=E" "→I" "&E" by blast
1329
1330AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1331proof (rule "≡I"; rule "→I")
1332  AOT_assume 0: α = β
1333  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1334  AOT_show γ (α = γ  β = γ)
1335    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1336next
1337  AOT_assume γ (α = γ  β = γ)
1338  AOT_hence α = α  β = α using "∀E"(2) by blast
1339  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1340  AOT_hence β = α using "id-eq:1" "→E" by blast
1341  AOT_thus α = β using "id-eq:2" "→E" by blast
1342qed
1343
1344AOT_theorem "rule=I:1":
1345  assumes τ
1346  shows τ = τ
1347proof -
1348  AOT_have α (α = α)
1349    by (rule GEN) (metis "id-eq:1")
1350  AOT_thus τ = τ using assms "∀E" by blast
1351qed
1352
1353AOT_theorem "rule=I:2[const_var]": "α = α"
1354  using "id-eq:1".
1355
1356AOT_theorem "rule=I:2[lambda]":
1357  assumes INSTANCE_OF_CQT_2(φ)
1358  shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1359proof -
1360  AOT_have α (α = α)
1361    by (rule GEN) (metis "id-eq:1")
1362  moreover AOT_have ν1...νn φ{ν1...νn}]
1363    using assms by (rule "cqt:2[lambda]"[axiom_inst])
1364  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]
1365    using assms "∀E" by blast
1366qed
1367
1368lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1369
1370AOT_theorem "rule-id-df:1":
1371  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1372  shows τ{τ1...τn} = σ{τ1...τn}
1373proof -
1374  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1375    using "df-rules-terms[3]" assms(1) "&E" by blast
1376  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1377    using assms(2) "→E" by blast
1378qed
1379
1380AOT_theorem "rule-id-df:1[zero]":
1381  assumes τ =df σ and σ
1382  shows τ = σ
1383proof -
1384  AOT_have σ  τ = σ
1385    using "df-rules-terms[4]" assms(1) "&E" by blast
1386  AOT_thus τ = σ
1387    using assms(2) "→E" by blast
1388qed
1389
1390AOT_theorem "rule-id-df:2:a":
1391  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1392  shows φ{σ{τ1...τn}}
1393proof -
1394  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1395  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1396qed
1397
1398(* TODO: get rid of this, ideally *)
1399AOT_theorem "rule-id-df:2:a[2]":
1400  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1401      and σ{«(τ1,τ2)»}
1402      and φ{τ{«(τ1,τ2)»}}
1403  shows φ{σ{«(τ1,τ2)»}}
1404proof -
1405  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1406  proof -
1407    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1408      (* NOTE: semantics needed *)
1409      using assms
1410      by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not
1411                    AOT_sem_denotes AOT_model_id_def)
1412    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1413      using assms(2) "→E" by blast
1414  qed
1415  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1416qed
1417
1418AOT_theorem "rule-id-df:2:a[zero]":
1419  assumes τ =df σ and σ and φ{τ}
1420  shows φ{σ}
1421proof -
1422  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1423  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1424qed
1425
1426lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1427
1428AOT_theorem "rule-id-df:2:b":
1429  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1430  shows φ{τ{τ1...τn}}
1431proof -
1432  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1433  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1434    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1435  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1436qed
1437
1438(* TODO: get rid of this, ideally *)
1439AOT_theorem "rule-id-df:2:b[2]":
1440  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1441      and σ{«(τ1,τ2)»}
1442      and φ{σ{«(τ1,τ2)»}}
1443  shows φ{τ{«(τ1,τ2)»}}
1444proof -
1445  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1446  proof -
1447    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1448      (* NOTE: semantics needed *)
1449      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq
1450                                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
1451    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1452      using assms(2) "→E" by blast
1453  qed
1454  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1455    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1456  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1457qed
1458
1459AOT_theorem "rule-id-df:2:b[zero]":
1460  assumes τ =df σ and σ and φ{σ}
1461  shows φ{τ}
1462proof -
1463  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1464  AOT_hence σ = τ
1465    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1466  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1467qed
1468
1469lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1470
1471AOT_theorem "free-thms:1": τ  β (β = τ)
1472  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1473
1474AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1475  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1476
1477AOT_theorem "free-thms:3[const_var]": β (β = α)
1478  by (meson "∃I"(2) "id-eq:1")
1479
1480AOT_theorem "free-thms:3[lambda]":
1481  assumes INSTANCE_OF_CQT_2(φ)
1482  shows β (β = ν1...νn φ{ν1...νn}])
1483  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1484
1485AOT_theorem "free-thms:4[rel]":
1486  ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1487  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1488            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1489
1490AOT_theorem "free-thms:4[vars]":
1491  ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1492  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1493            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1494
1495AOT_theorem "free-thms:4[1,rel]":
1496  ([Π]κ  κ[Π])  β (β = Π)
1497  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1498            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1499AOT_theorem "free-thms:4[1,1]":
1500  ([Π]κ  κ[Π])  β (β = κ)
1501  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1502            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1503
1504AOT_theorem "free-thms:4[2,rel]":
1505  ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1506  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1507            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1508AOT_theorem "free-thms:4[2,1]":
1509  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1510  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1511            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1512AOT_theorem "free-thms:4[2,2]":
1513  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1514  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1515            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1516AOT_theorem "free-thms:4[3,rel]":
1517  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1518  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1519            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1520AOT_theorem "free-thms:4[3,1]":
1521  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1522  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1523            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1524AOT_theorem "free-thms:4[3,2]":
1525  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1526  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1527            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1528AOT_theorem "free-thms:4[3,3]":
1529  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1530  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1531            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1532AOT_theorem "free-thms:4[4,rel]":
1533  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1534  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1535            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1536AOT_theorem "free-thms:4[4,1]":
1537  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1538  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1539            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1540AOT_theorem "free-thms:4[4,2]":
1541  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1542  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1543            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1544AOT_theorem "free-thms:4[4,3]":
1545  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1546  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1547            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1548AOT_theorem "free-thms:4[4,4]":
1549  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1550  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1551            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1552
1553AOT_theorem "ex:1:a": α α
1554  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1555AOT_theorem "ex:1:b": αβ(β = α)
1556  by (rule GEN) (fact "free-thms:3[const_var]")
1557
1558AOT_theorem "ex:2:a": α
1559  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1560AOT_theorem "ex:2:b": β(β = α)
1561  by (rule RN) (fact "free-thms:3[const_var]")
1562
1563AOT_theorem "ex:3:a": α α
1564  by (rule RN) (fact "ex:1:a")
1565AOT_theorem "ex:3:b": αβ(β = α)
1566  by (rule RN) (fact "ex:1:b")
1567
1568AOT_theorem "ex:4:a": α α
1569  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1570AOT_theorem "ex:4:b": αβ(β = α)
1571  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1572
1573AOT_theorem "ex:5:a": α α
1574  by (rule RN) (simp add: "ex:4:a")
1575AOT_theorem "ex:5:b": αβ(β = α)
1576  by (rule RN) (simp add: "ex:4:b")
1577
1578AOT_theorem "all-self=:1": α(α = α)
1579  by (rule RN; rule GEN) (fact "id-eq:1")
1580AOT_theorem "all-self=:2": α(α = α)
1581  by (rule GEN; rule RN) (fact "id-eq:1")
1582
1583AOT_theorem "id-nec:1": α = β  (α = β)
1584proof(rule "→I")
1585  AOT_assume α = β
1586  moreover AOT_have (α = α)
1587    by (rule RN) (fact "id-eq:1")
1588  ultimately AOT_show (α = β) using "rule=E" by fast
1589qed
1590
1591AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1592proof(rule "→I")
1593  AOT_assume asm: τ = σ
1594  moreover AOT_have τ
1595    using calculation "t=t-proper:1" "→E" by blast
1596  moreover AOT_have (τ = τ)
1597    using calculation "all-self=:2" "∀E"(1) by blast
1598  ultimately AOT_show (τ = σ) using "rule=E" by fast
1599qed
1600
1601AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1602proof (rule "≡I"; rule "→I")
1603  AOT_assume asm: φ{α}
1604  AOT_show β (β = α & φ{β})
1605    by (rule "∃I"(2)[where β=α]; rule "&I")
1606       (auto simp: "id-eq:1" asm)
1607next
1608  AOT_assume 0: β (β = α & φ{β})
1609  AOT_obtain β where β = α & φ{β}
1610    using "∃E"[rotated, OF 0] by blast
1611  AOT_thus φ{α} using "&E" "rule=E" by blast
1612qed
1613
1614AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1615proof(rule "→I")
1616  AOT_assume τ
1617  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1618    by (rule GEN) (fact "term-out:1")
1619  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1620    using "∀E" by blast
1621qed
1622
1623(* TODO: example of an apply-style proof. Keep or reformulate? *)
1624AOT_theorem "term-out:3":
1625  (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1626  apply (rule "≡I"; rule "→I")
1627   apply (frule "&E"(1))
1628   apply (drule "&E"(2))
1629   apply (rule GEN; rule "≡I"; rule "→I")
1630  using "rule-ui:2[const_var]" "vdash-properties:5"
1631    apply blast
1632   apply (meson "rule=E" "id-eq:1")
1633  apply (rule "&I")
1634  using "id-eq:1" "≡E"(2) "rule-ui:3"
1635   apply blast
1636  apply (rule GEN; rule "→I")
1637  using "≡E"(1) "rule-ui:2[const_var]"
1638  by blast
1639
1640(* Note: generalized alphabetic variant of the last theorem. *)
1641AOT_theorem "term-out:4":
1642  (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1643  using "term-out:3" .
1644
1645(* TODO: would of course be nice to define it without the syntax magic *)
1646AOT_define AOT_exists_unique :: ‹α  φ  φ› "uniqueness:1":
1647  «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1648syntax "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1649AOT_syntax_print_translations
1650  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1651syntax
1652   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ›
1653   (∃!_...∃!_ _› [1,40])
1654parse_ast_translation1655[(syntax_const‹_AOT_exists_unique_ellipse›,
1656  fn ctx => fn [a,b,c] => Ast.mk_appl (Ast.Constant "AOT_exists_unique")
1657  [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1658 (syntax_const‹_AOT_exists_unique›,
1659  AOT_restricted_binder
1660    const_name‹AOT_exists_unique›
1661    const_syntax‹AOT_conj›)]
1662print_translationAOT_syntax_print_translations [
1663  AOT_preserve_binder_abs_tr'
1664    const_syntax‹AOT_exists_unique›
1665    syntax_const‹_AOT_exists_unique›
1666    (syntax_const‹_AOT_exists_unique_ellipse›, true)
1667    const_name‹AOT_conj›,
1668  AOT_binder_trans
1669    @{theory}
1670    @{binding "AOT_exists_unique_binder"}
1671    syntax_const‹_AOT_exists_unique›
1672]
1673
1674
1675context AOT_meta_syntax
1676begin
1677notation AOT_exists_unique (binder "!" 20)
1678end
1679context AOT_no_meta_syntax
1680begin
1681no_notation AOT_exists_unique (binder "!" 20)
1682end
1683
1684AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1685proof(rule "≡I"; rule "→I")
1686    AOT_assume ∃!α φ{α}
1687    AOT_hence α (φ{α} & β (φ{β}  β = α))
1688      using "uniqueness:1" "≡dfE" by blast
1689    then AOT_obtain α where φ{α} & β (φ{β}  β = α)
1690      using "instantiation"[rotated] by blast
1691    AOT_hence β(φ{β}  β = α)
1692      using "term-out:3" "≡E" by blast
1693    AOT_thus αβ(φ{β}  β = α)
1694      using "∃I" by fast
1695next
1696    AOT_assume αβ(φ{β}  β = α)
1697    then AOT_obtain α where β (φ{β}  β = α)
1698      using "instantiation"[rotated] by blast
1699    AOT_hence φ{α} & β (φ{β}  β = α)
1700      using "term-out:3" "≡E" by blast
1701    AOT_hence α (φ{α} & β (φ{β}  β = α))
1702      using "∃I" by fast
1703    AOT_thus ∃!α φ{α}
1704      using "uniqueness:1" "≡dfI" by blast
1705qed
1706
1707AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1708proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1709  fix β γ
1710  AOT_assume ∃!α φ{α}
1711  AOT_hence αβ(φ{β}  β = α)
1712    using "uniqueness:2" "≡E" by blast
1713  then AOT_obtain α where β(φ{β}  β = α)
1714    using "instantiation"[rotated] by blast
1715  moreover AOT_assume φ{β} & φ{γ}
1716  ultimately AOT_have β = α and γ = α
1717    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1718  AOT_thus β = γ
1719    by (metis "rule=E" "id-eq:2" "→E")
1720qed
1721
1722AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1723proof (rule "→I"; rule "→I")
1724  AOT_assume a: α(φ{α}  φ{α})
1725  AOT_assume ∃!α φ{α}
1726  AOT_hence α (φ{α} & β (φ{β}  β = α))
1727    using "uniqueness:1" "≡dfE" by blast
1728  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α)
1729    using "instantiation"[rotated] by blast
1730  AOT_have φ{α}
1731    using ξ a "&E" "∀E" "→E" by fast
1732  moreover AOT_have β (φ{β}  β = α)
1733    apply (rule GEN; rule "→I")
1734    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"]
1735          "qml:2"[axiom_inst, THEN "→E"] by blast
1736  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1737    using "&I" by blast
1738  AOT_thus ∃!α φ{α}
1739    using "uniqueness:1" "≡dfI" "∃I" by fast
1740qed
1741
1742subsection‹The Theory of Actuality and Descriptions›
1743text‹\label{PLM: 9.8}›
1744
1745AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1746  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1747
1748AOT_theorem "nec-imp-act": φ  𝒜φ
1749  by (metis "act-cond" "contraposition:1[2]" "≡E"(4)
1750            "qml:2"[THEN act_closure, axiom_inst]
1751            "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1752
1753AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1754  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst]
1755        "logic-actual-nec:4"[axiom_inst] by blast
1756
1757AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1758  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst]
1759            "logic-actual-nec:4"[axiom_inst] RAA(1))
1760
1761AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1762proof -
1763  AOT_have (φ  (ψ  (φ & ψ)))
1764    by (rule RN) (fact Adjunction)
1765  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1766    using "nec-imp-act" "→E" by blast
1767  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1768    using "act-cond" "→E" by blast
1769  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1770    by (fact "act-cond")
1771  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1772    using "→I" "→E" by metis
1773  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1774    by (metis Importation "→E")
1775qed
1776
1777AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1778proof -
1779  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1780    by (fact "act-conj-act:3")
1781  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1782    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1783  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1784    using "→E" by blast
1785  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1786    using "conventions:3"[THEN "df-rules-formulas[2]",
1787                          THEN act_closure, axiom_inst] by blast
1788  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1789    using "act-cond" "→E" by blast
1790  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1791qed
1792
1793(* TODO: consider introducing AOT_inductive *)
1794inductive arbitrary_actualization for φ where
1795  arbitrary_actualization φ «𝒜φ»
1796| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1797declare arbitrary_actualization.cases[AOT]
1798        arbitrary_actualization.induct[AOT]
1799        arbitrary_actualization.simps[AOT]
1800        arbitrary_actualization.intros[AOT]
1801syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop›
1802  ("ARBITRARY'_ACTUALIZATION'(_,_')")
1803
1804notepad
1805begin
1806  AOT_modally_strict {
1807    fix φ
1808    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1809      using AOT_PLM.arbitrary_actualization.intros by metis
1810    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1811      using AOT_PLM.arbitrary_actualization.intros by metis
1812    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1813      using AOT_PLM.arbitrary_actualization.intros by metis
1814  }
1815end
1816
1817
1818AOT_theorem "closure-act:1":
1819  assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ)
1820  shows ψ
1821using assms proof(induct)
1822  case 1
1823  AOT_show 𝒜(𝒜φ  φ)
1824    by (simp add: "act-conj-act:4")
1825next
1826  case (2 ψ)
1827  AOT_thus 𝒜ψ
1828    by (metis arbitrary_actualization.simps "≡E"(1)
1829              "logic-actual-nec:4"[axiom_inst])
1830qed
1831
1832AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1833  by (simp add: "act-conj-act:4" "∀I")
1834
1835AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1836  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "∀I"
1837            "logic-actual-nec:3"[axiom_inst]
1838            "logic-actual-nec:4"[axiom_inst])
1839
1840AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1841  using "closure-act:3" .
1842
1843(* TODO: examine these proofs *)
1844AOT_act_theorem "RA[1]":
1845  assumes  φ
1846  shows  𝒜φ
1847  ― ‹While this proof is rejected in PLM,
1848      we merely state it as modally-fragile rule,
1849      which addresses the concern in PLM.›
1850  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst]
1851        "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1852AOT_theorem "RA[2]":
1853  assumes  φ
1854  shows  𝒜φ
1855  ― ‹This rule is in fact a consequence of RN and
1856      does not require an appeal to the semantics itself.›
1857  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1858AOT_theorem "RA[3]":
1859  assumes Γ  φ
1860  shows 𝒜Γ  𝒜φ
1861  text‹This appears to only be derivable this is derivable
1862       from the semantics, but apparently no proof actually relies on it.
1863       If this turns out to be required, it is valid to derive it from the
1864       semantics just like RN, but we refrain from doing so, unless necessary.›
1865  (*  using assms by (meson AOT_sem_act imageI) *)
1866  oops
1867
1868AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1869  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem"
1870                "≡I" "logic-actual"[act_axiom_inst])
1871
1872AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1873  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1"
1874        "useful-tautologies:2" by blast
1875
1876AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1877  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1878
1879AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1880proof (rule "≡I"; rule "→I")
1881  AOT_assume 𝒜(φ & ψ)
1882  moreover AOT_have 𝒜((φ & ψ)  φ)
1883    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1884  moreover AOT_have 𝒜((φ & ψ)  ψ)
1885    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1886  ultimately AOT_show 𝒜φ & 𝒜ψ
1887    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1888next
1889  AOT_assume 𝒜φ & 𝒜ψ
1890  AOT_thus 𝒜(φ & ψ)
1891    using "act-conj-act:3" "vdash-properties:6" by blast
1892qed
1893
1894AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1895proof (rule "≡I"; rule "→I")
1896  AOT_assume 𝒜(φ  ψ)
1897  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1898    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1899  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1900    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1901  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1902    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1903next
1904  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1905  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1906    by (metis "act-conj-act:3" "vdash-properties:10")
1907  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1908    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]"
1909                  "vdash-properties:1[2]")
1910  ultimately AOT_show 𝒜(φ  ψ)
1911    using "act-cond"[THEN "→E", THEN "→E"] by metis
1912qed
1913
1914AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1915proof (rule "≡I"; rule "→I")
1916  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1917  AOT_show 𝒜φ  𝒜ψ
1918    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1919next
1920  AOT_assume 𝒜φ  𝒜ψ
1921  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1922    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1923qed
1924
1925AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1926  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1927
1928AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1929  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1930
1931AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1932  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act"
1933            "qml-act:2"[axiom_inst])
1934
1935AOT_theorem "Act-Basic:8": φ  𝒜φ
1936  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1937
1938AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1939proof (rule "≡I"; rule "→I")
1940  AOT_assume 𝒜(φ  ψ)
1941  AOT_thus 𝒜φ  𝒜ψ
1942  proof (rule "raa-cor:3")
1943    AOT_assume ¬(𝒜φ  𝒜ψ)
1944    AOT_hence ¬𝒜φ & ¬𝒜ψ
1945      by (metis "≡E"(1) "oth-class-taut:5:d")
1946    AOT_hence 𝒜¬φ & 𝒜¬ψ
1947      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1948    AOT_hence 𝒜(¬φ & ¬ψ)
1949      using "≡E" "Act-Basic:2" by metis
1950    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1951      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1952    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1953      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1954    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1955    AOT_thus ¬𝒜(φ  ψ)
1956      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1957  qed
1958next
1959  AOT_assume 𝒜φ  𝒜ψ
1960  AOT_thus 𝒜(φ  ψ)
1961    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1,2))
1962qed
1963
1964AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1965proof -
1966  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1967    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1968       (metis "logic-actual-nec:3"[axiom_inst])
1969  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1970    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1971       (rule "logic-actual-nec:1"[THEN universal_closure,
1972               axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1973  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1974    using "conventions:4"[THEN "df-rules-formulas[1]",
1975                          THEN act_closure, axiom_inst]
1976          "conventions:4"[THEN "df-rules-formulas[2]",
1977                          THEN act_closure, axiom_inst]
1978    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1979  also AOT_have   ¬𝒜α ¬φ{α}
1980    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1981  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1982  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1983  also AOT_have   α 𝒜 φ{α}
1984    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1985  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1986qed
1987
1988
1989AOT_theorem "Act-Basic:11":
1990  𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1991proof(rule "≡I"; rule "→I")
1992  AOT_assume 𝒜α(φ{α}  ψ{α})
1993  AOT_hence α𝒜(φ{α}  ψ{α})
1994    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1995  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1996  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1997  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1998next
1999  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
2000  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
2001  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
2002  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
2003  AOT_thus 𝒜α(φ{α}  ψ{α})
2004    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2005qed
2006
2007AOT_act_theorem "act-quant-uniq":
2008  β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
2009proof(rule "≡I"; rule "→I")
2010  AOT_assume β(𝒜φ{β}  β = α)
2011  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2012  AOT_hence φ{β}  β = α for β
2013    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
2014    by metis
2015  AOT_thus β(φ{β}  β = α) by (rule "∀I")
2016next
2017  AOT_assume β(φ{β}  β = α)
2018  AOT_hence φ{β}  β = α for β using "∀E" by blast
2019  AOT_hence 𝒜φ{β}  β = α for β
2020    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
2021    by metis
2022  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
2023qed
2024
2025AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
2026  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
2027
2028AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
2029  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3"
2030        "fund-cont-desc" "≡E"(5) by blast
2031
2032
2033locale russell_axiom =
2034  fixes ψ
2035  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
2036begin
2037AOT_act_theorem "russell-axiom":
2038  ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
2039proof -
2040  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
2041    using hintikka "∀I" by fast
2042  show ?thesis
2043  proof(rule "≡I"; rule "→I")
2044    AOT_assume c: ψ{ιx φ{x}}
2045    AOT_hence d: ιx φ{x}
2046      using ψ_denotes_asm by blast
2047    AOT_hence y (y = ιx φ{x})
2048      by (metis "rule=I:1" "existential:1")
2049    then AOT_obtain a where a_def: a = ιx φ{x}
2050      using "instantiation"[rotated] by blast
2051    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a))
2052      using b "∀E" by blast
2053    ultimately AOT_have φ{a} & z(φ{z}  z = a)
2054      using "≡E" by blast
2055    moreover AOT_have ψ{a}
2056    proof - 
2057      AOT_have 1: xy(x = y  y = x)
2058        by (simp add: "id-eq:2" "universal-cor")
2059      AOT_have a = ιx φ{x}   ιx φ{x} = a
2060        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2061           (auto simp: 1 d "universal-cor")
2062      AOT_thus ψ{a}
2063        using a_def c "rule=E" "→E" by blast
2064    qed
2065    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
2066    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
2067  next
2068    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
2069    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b}
2070      using "instantiation"[rotated] by blast
2071    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b))
2072      using b "∀E" by blast
2073    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b}
2074      using g "&E" by blast+
2075    AOT_hence b = ιx φ{x} using h "≡E" by blast
2076    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
2077  qed
2078qed
2079end
2080
2081(* TODO: this nicely shows off using locales with the embedding,
2082         but maybe there is still a nicer way *)
2083(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these
2084         instantiation instead of referring to cqt:5:a - should be fixed *)
2085interpretation "russell-axiom[exe,1]": russell_axiom λ κ . «[Π]κ»
2086  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
2087interpretation "russell-axiom[exe,2,1,1]": russell_axiom λ κ . «[Π]κκ'»
2088  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
2089interpretation "russell-axiom[exe,2,1,2]": russell_axiom λ κ . «[Π]κ'κ»
2090  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2091interpretation "russell-axiom[exe,2,2]": russell_axiom λ κ . «[Π]κκ»
2092  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2093interpretation "russell-axiom[exe,3,1,1]": russell_axiom λ κ . «[Π]κκ'κ''»
2094  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2095interpretation "russell-axiom[exe,3,1,2]": russell_axiom λ κ . «[Π]κ'κκ''»
2096  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2097interpretation "russell-axiom[exe,3,1,3]": russell_axiom λ κ . «[Π]κ'κ''κ»
2098  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2099interpretation "russell-axiom[exe,3,2,1]": russell_axiom λ κ . «[Π]κκκ'»
2100  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2101interpretation "russell-axiom[exe,3,2,2]": russell_axiom λ κ . «[Π]κκ'κ»
2102  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2103interpretation "russell-axiom[exe,3,2,3]": russell_axiom λ κ . «[Π]κ'κκ»
2104  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2105interpretation "russell-axiom[exe,3,3]": russell_axiom λ κ . «[Π]κκκ»
2106  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2107
2108interpretation "russell-axiom[enc,1]": russell_axiom λ κ . «κ[Π]»
2109  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
2110interpretation "russell-axiom[enc,2,1]": russell_axiom λ κ . «κκ'[Π]»
2111  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
2112interpretation "russell-axiom[enc,2,2]": russell_axiom λ κ . «κ'κ[Π]»
2113  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2114interpretation "russell-axiom[enc,2,3]": russell_axiom λ κ . «κκ[Π]»
2115  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2116interpretation "russell-axiom[enc,3,1,1]": russell_axiom λ κ . «κκ'κ''[Π]»
2117  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2118interpretation "russell-axiom[enc,3,1,2]": russell_axiom λ κ . «κ'κκ''[Π]»
2119  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2120interpretation "russell-axiom[enc,3,1,3]": russell_axiom λ κ . «κ'κ''κ[Π]»
2121  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2122interpretation "russell-axiom[enc,3,2,1]": russell_axiom λ κ . «κκκ'[Π]»
2123  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2124interpretation "russell-axiom[enc,3,2,2]": russell_axiom λ κ . «κκ'κ[Π]»
2125  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2126interpretation "russell-axiom[enc,3,2,3]": russell_axiom λ κ . «κ'κκ[Π]»
2127  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2128interpretation "russell-axiom[enc,3,3]": russell_axiom λ κ . «κκκ[Π]»
2129  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2130
2131AOT_act_theorem "!-exists:1": ιx φ{x}  ∃!x φ{x}
2132proof(rule "≡I"; rule "→I")
2133  AOT_assume ιx φ{x}
2134  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2135  then AOT_obtain a where a = ιx φ{x}
2136    using "instantiation"[rotated] by blast
2137  AOT_hence φ{a} & z (φ{z}  z = a)
2138    using hintikka "≡E" by blast
2139  AOT_hence x (φ{x} & z (φ{z}  z = x))
2140    by (rule "∃I")
2141  AOT_thus ∃!x φ{x}
2142    using "uniqueness:1"[THEN "≡dfI"] by blast
2143next
2144  AOT_assume ∃!x φ{x}
2145  AOT_hence x (φ{x} & z (φ{z}  z = x))
2146    using "uniqueness:1"[THEN "≡dfE"] by blast
2147  then AOT_obtain b where φ{b} & z (φ{z}  z = b)
2148    using "instantiation"[rotated] by blast
2149  AOT_hence b = ιx φ{x}
2150    using hintikka "≡E" by blast
2151  AOT_thus ιx φ{x}
2152    by (metis "t=t-proper:2" "vdash-properties:6")
2153qed
2154
2155AOT_act_theorem "!-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
2156  using "!-exists:1" "free-thms:1" "≡E"(6) by blast
2157
2158AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
2159  using "&E"(1) "→I" hintikka "≡E"(1) by blast
2160
2161(* Note: generalized alphabetic variant of the last theorem *)
2162AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1".
2163
2164AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
2165proof(rule "→I")
2166  AOT_assume ιx φ{x}
2167  AOT_hence y (y = ιx φ{x})
2168    by (metis "rule=I:1" "existential:1")
2169  then AOT_obtain a where a = ιx φ{x}
2170    using "instantiation"[rotated] by blast
2171  moreover AOT_have φ{a}
2172    using calculation hintikka "≡E"(1) "&E" by blast
2173  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
2174qed
2175
2176AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
2177  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
2178
2179
2180AOT_theorem "act-quant-nec":
2181  β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
2182proof(rule "≡I"; rule "→I")
2183  AOT_assume β (𝒜φ{β}  β = α)
2184  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2185  AOT_hence 𝒜𝒜φ{β}  β = α for β 
2186    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2187  AOT_thus β(𝒜𝒜φ{β}  β = α)
2188    by (rule "∀I")
2189next
2190  AOT_assume β(𝒜𝒜φ{β}  β = α)
2191  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
2192  AOT_hence 𝒜φ{β}  β = α for β
2193    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2194  AOT_thus β (𝒜φ{β}  β = α)
2195    by (rule "∀I")
2196qed
2197
2198AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
2199proof -
2200  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)
2201    using descriptions[axiom_inst] by blast
2202  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
2203  proof(rule "≡I"; rule "→I"; rule "∀I")
2204    AOT_assume z (𝒜φ{z}  z = x)
2205    AOT_hence 𝒜φ{a}  a = x for a
2206      using "∀E" by blast
2207    AOT_thus 𝒜𝒜φ{a}  a = x for a
2208      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2209  next
2210    AOT_assume z (𝒜𝒜φ{z}  z = x)
2211    AOT_hence 𝒜𝒜φ{a}  a = x for a
2212      using "∀E" by blast
2213    AOT_thus 𝒜φ{a}  a = x for a
2214      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2215  qed
2216  also AOT_have ...  x = ιx(𝒜φ{x})
2217    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
2218  finally show ?thesis .
2219qed
2220
2221AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
2222proof(rule "→I")
2223  AOT_assume ιx φ{x}
2224  AOT_hence y (y = ιx φ{x})
2225    by (metis "rule=I:1" "existential:1")
2226  then AOT_obtain a where a = ιx φ{x}
2227    using "instantiation"[rotated] by blast
2228  moreover AOT_have a = ιx(𝒜φ{x})
2229    using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
2230  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x})
2231    using "rule=E" by fast
2232qed
2233
2234AOT_theorem "nec-hintikka-scheme":
2235  x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
2236proof -
2237  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x)
2238    using descriptions[axiom_inst] by blast
2239  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
2240    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
2241  finally show ?thesis.
2242qed
2243
2244AOT_theorem "equiv-desc-eq:1":
2245  𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2246proof(rule "→I"; rule "∀I")
2247  fix β
2248  AOT_assume 𝒜x(φ{x}  ψ{x})
2249  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2250    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
2251  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x
2252    by (metis "Act-Basic:5" "≡E"(1))
2253  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β)
2254    using "nec-hintikka-scheme" by blast
2255  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2256  proof (rule "≡I"; rule "→I")
2257    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
2258    AOT_hence 𝒜φ{z}  z = β for z
2259      using "&E" "∀E" by blast
2260    AOT_hence 𝒜ψ{z}  z = β for z
2261      using 0 "≡E" "→I" "→E" by metis
2262    AOT_hence z(𝒜ψ{z}  z = β)
2263      using "∀I" by fast
2264    moreover AOT_have 𝒜ψ{β}
2265      using "&E" 0[THEN "≡E"(1)] 1 by blast
2266    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2267      using "&I" by blast
2268  next
2269    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2270    AOT_hence 𝒜ψ{z}  z = β for z
2271      using "&E" "∀E" by blast
2272    AOT_hence 𝒜φ{z}  z = β for z
2273      using 0 "≡E" "→I" "→E" by metis
2274    AOT_hence z(𝒜φ{z}  z = β)
2275      using "∀I" by fast
2276    moreover AOT_have 𝒜φ{β}
2277      using "&E" 0[THEN "≡E"(2)] 1 by blast
2278    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β)
2279      using "&I" by blast
2280  qed
2281  also AOT_have ...  β = ιx ψ{x}
2282    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
2283  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
2284qed
2285
2286AOT_theorem "equiv-desc-eq:2":
2287  ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2288proof(rule "→I")
2289  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
2290  AOT_hence 0: y (y = ιx φ{x}) and
2291            1: x (x = ιx φ{x}  x = ιx ψ{x})
2292    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
2293  then AOT_obtain a where a = ιx φ{x}
2294    using "instantiation"[rotated] by blast
2295  moreover AOT_have a = ιx ψ{x}
2296    using calculation 1 "∀E" "≡E"(1) by fast
2297  ultimately AOT_show ιx φ{x} = ιx ψ{x}
2298    using "rule=E" by fast
2299qed
2300
2301AOT_theorem "equiv-desc-eq:3":
2302  ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2303  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E"
2304        "nec-imp-act"[THEN "→E"] by metis
2305
2306(* Note: this is a special case of "exist-nec" *)
2307AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
2308proof(rule "→I")
2309  AOT_assume ιx φ{x}
2310  AOT_hence y (y = ιx φ{x})
2311    by (metis "rule=I:1" "existential:1")
2312  then AOT_obtain a where a = ιx φ{x}
2313    using "instantiation"[rotated] by blast
2314  AOT_thus ιx φ{x}
2315    using "ex:2:a" "rule=E" by fast
2316qed
2317
2318AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
2319proof(rule "→I")
2320  AOT_assume ιx φ{x}
2321  AOT_hence y (y = ιx φ{x})
2322    by (metis "rule=I:1" "existential:1")
2323  then AOT_obtain a where a = ιx φ{x}
2324    using "instantiation"[rotated] by blast
2325  AOT_hence (a = ιx φ{x})
2326    by (metis "id-nec:2" "vdash-properties:10")
2327  AOT_thus y (y = ιx φ{x})
2328    by (rule "∃I")
2329qed
2330
2331AOT_act_theorem "equiv-desc-eq2:1":
2332  x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2333  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2334        "equiv-desc-eq:1"[THEN "→E"]
2335        "RA[1]" "deduction-theorem" by blast
2336
2337AOT_act_theorem "equiv-desc-eq2:2":
2338  ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2339  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2340        "equiv-desc-eq:2"[THEN "→E", OF "&I"]
2341        "RA[1]" "deduction-theorem" "&E" by metis
2342
2343context russell_axiom
2344begin
2345AOT_theorem "nec-russell-axiom":
2346  ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2347proof -
2348  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
2349    using "nec-hintikka-scheme" "∀I" by fast
2350  show ?thesis
2351  proof(rule "≡I"; rule "→I")
2352    AOT_assume c: ψ{ιx φ{x}}
2353    AOT_hence d: ιx φ{x}
2354      using ψ_denotes_asm by blast
2355    AOT_hence y (y = ιx φ{x})
2356      by (metis "rule=I:1" "existential:1")
2357    then AOT_obtain a where a_def: a = ιx φ{x}
2358      using "instantiation"[rotated] by blast
2359    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a))
2360      using b "∀E" by blast
2361    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a)
2362      using "≡E" by blast
2363    moreover AOT_have ψ{a}
2364    proof - 
2365      AOT_have 1: xy(x = y  y = x)
2366        by (simp add: "id-eq:2" "universal-cor")
2367      AOT_have a = ιx φ{x}   ιx φ{x} = a
2368        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2369           (auto simp: d "universal-cor" 1)
2370      AOT_thus ψ{a}
2371        using a_def c "rule=E" "→E" by metis
2372    qed
2373    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a}
2374      by (rule "&I")
2375    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2376      by (rule "∃I")
2377  next
2378    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2379    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b}
2380      using "instantiation"[rotated] by blast
2381    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b))
2382      using b "∀E" by blast
2383    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b}
2384      using g "&E" by blast+
2385    AOT_hence b = ιx φ{x}
2386      using h "≡E" by blast
2387    AOT_thus ψ{ιx φ{x}}
2388      using j "rule=E" by blast
2389  qed
2390qed
2391end
2392
2393AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
2394proof (rule "≡I"; rule "→I")
2395  AOT_assume ιx φ{x}
2396  AOT_hence y (y = ιx φ{x})
2397    by (metis "rule=I:1" "existential:1")
2398  then AOT_obtain a where a = ιx φ{x}
2399    using "instantiation"[rotated] by blast
2400  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2401    using descriptions[axiom_inst] by blast
2402  ultimately AOT_have z(𝒜φ{z}  z = a)
2403    using "≡E" by blast
2404  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
2405  AOT_thus ∃!x 𝒜φ{x}
2406    using "uniqueness:2"[THEN "≡E"(2)] by fast
2407next
2408  AOT_assume ∃!x 𝒜φ{x}
2409  AOT_hence xz(𝒜φ{z}  z = x)
2410    using "uniqueness:2"[THEN "≡E"(1)] by fast
2411  then AOT_obtain a where z(𝒜φ{z}  z = a)
2412    using "instantiation"[rotated] by blast
2413  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2414    using descriptions[axiom_inst] by blast
2415  ultimately AOT_have a = ιx φ{x}
2416    using "≡E" by blast
2417  AOT_thus ιx φ{x}
2418    by (metis "t=t-proper:2" "vdash-properties:6")
2419qed
2420
2421AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
2422  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme"
2423        "reductio-aa:2" "vdash-properties:9" by blast
2424
2425(* Note: generalized alphabetic variant of the last theorem *)
2426AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
2427  using "actual-desc:2".
2428
2429AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
2430proof(rule "→I")
2431  AOT_assume ιx φ{x}
2432  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2433  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
2434  AOT_thus 𝒜φ{ιx φ{x}}
2435    using "actual-desc:2" "rule=E" "→E" by fast
2436qed
2437
2438(* TODO: take another look at proof in PLM *)
2439AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
2440proof(rule "→I")
2441  AOT_assume 0: ιx φ{x} = ιx ψ{x}
2442  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
2443    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
2444  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x})
2445    by (metis "rule=I:1" "existential:1")+
2446  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
2447    using "instantiation"[rotated] by metis
2448
2449  AOT_have αβ (α = β  β = α)
2450    by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2451  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2452    using "∀E" φ_down by blast
2453  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2454    using "∀E" ψ_down by blast
2455  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2456    "→E" by blast
2457
2458  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2459  proof(rule "≡I"; rule "→I")
2460    AOT_assume 𝒜φ{x}
2461    moreover AOT_have 𝒜φ{x}  x = a for x
2462      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)]
2463            "∀E" by blast
2464    ultimately AOT_have x = a
2465      using "→E" by blast
2466    AOT_hence x = ιx φ{x}
2467      using a_eq "rule=E" by blast
2468    AOT_hence x = ιx ψ{x}
2469      using 0 "rule=E" by blast
2470    AOT_thus 𝒜ψ{x}
2471      by (metis "actual-desc:3" "vdash-properties:6")
2472  next
2473    AOT_assume 𝒜ψ{x}
2474    moreover AOT_have 𝒜ψ{x}  x = b for x
2475      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)]
2476            "∀E" by blast
2477    ultimately AOT_have x = b
2478      using "→E" by blast
2479    AOT_hence x = ιx ψ{x}
2480      using b_eq "rule=E" by blast
2481    AOT_hence x = ιx φ{x}
2482      using 1 "rule=E" by blast
2483    AOT_thus 𝒜φ{x}
2484      by (metis "actual-desc:3" "vdash-properties:6")
2485  qed
2486  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2487    by (metis "Act-Basic:5" "≡E"(2))
2488  AOT_hence x 𝒜(φ{x}  ψ{x})
2489    by (rule "∀I")
2490  AOT_thus 𝒜x (φ{x}  ψ{x})
2491    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2492qed    
2493
2494AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2495proof(rule "→I")
2496  AOT_assume ∃!x φ{x}
2497  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2498    using "uniqueness:1"[THEN "≡dfE"] by blast
2499  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b)
2500    using "instantiation"[rotated] by blast
2501  AOT_show y (y = ιx φ{x}  φ{y})
2502  proof(rule GEN; rule "→I")
2503    fix y
2504    AOT_assume y = ιx φ{x}
2505    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y)
2506      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2507    AOT_hence 𝒜φ{b}  b = y
2508      using "&E" "∀E" by blast
2509    moreover AOT_have 𝒜φ{b}
2510      using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2511    ultimately AOT_have b = y
2512      using "→E" by blast
2513    moreover AOT_have φ{b}
2514      using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2515    ultimately AOT_show φ{y}
2516      using "rule=E" by blast
2517  qed
2518qed
2519
2520AOT_theorem "!box-desc:2":
2521  x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2522proof(rule "→I"; rule "→I")
2523  AOT_assume x (φ{x}  φ{x})
2524  moreover AOT_assume ∃!x φ{x}
2525  ultimately AOT_have ∃!x φ{x}
2526    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2527  AOT_thus y (y = ιx φ{x}  φ{y})
2528    using "!box-desc:1" "→E" by blast
2529qed
2530
2531(* Note: vacuous in the embedding. *)
2532AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ}
2533  by (simp add: "rule=I:1" "→I")
2534
2535subsection‹The Theory of Necessity›
2536text‹\label{PLM: 9.9}›
2537
2538AOT_theorem "RM:1[prem]":
2539  assumes Γ  φ  ψ
2540  shows Γ  φ  ψ
2541proof -
2542  AOT_have Γ  (φ  ψ)
2543    using "RN[prem]" assms by blast
2544  AOT_thus Γ  φ  ψ
2545    by (metis "qml:1"[axiom_inst] "→E")
2546qed
2547
2548AOT_theorem "RM:1":
2549  assumes  φ  ψ
2550  shows  φ  ψ
2551  using "RM:1[prem]" assms by blast
2552
2553lemmas RM = "RM:1"
2554
2555AOT_theorem "RM:2[prem]":
2556  assumes Γ  φ  ψ
2557  shows Γ  φ  ψ
2558proof -
2559  AOT_have Γ  ¬ψ  ¬φ
2560    using assms 
2561    by (simp add: "contraposition:1[1]")
2562  AOT_hence Γ  ¬ψ  ¬φ
2563    using "RM:1[prem]" by blast
2564  AOT_thus Γ  φ  ψ
2565    by (meson "≡dfE" "≡dfI" "conventions:5" "→I" "modus-tollens:1")
2566qed
2567
2568AOT_theorem "RM:2":
2569  assumes  φ  ψ
2570  shows  φ  ψ
2571  using "RM:2[prem]" assms by blast
2572
2573lemmas "RM◇" = "RM:2"
2574
2575AOT_theorem "RM:3[prem]":
2576  assumes Γ  φ  ψ
2577  shows Γ  φ  ψ
2578proof -
2579  AOT_have Γ  φ  ψ and Γ  ψ  φ
2580    using assms "≡E" "→I" by metis+
2581  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2582    using "RM:1[prem]" by metis+
2583  AOT_thus Γ  φ  ψ
2584    by (simp add: "≡I")
2585qed
2586
2587AOT_theorem "RM:3":
2588  assumes  φ  ψ
2589  shows  φ  ψ
2590  using "RM:3[prem]" assms by blast
2591
2592lemmas RE = "RM:3"
2593
2594AOT_theorem "RM:4[prem]":
2595  assumes Γ  φ  ψ
2596  shows Γ  φ  ψ
2597proof -
2598  AOT_have Γ  φ  ψ and Γ  ψ  φ
2599    using assms "≡E" "→I" by metis+
2600  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2601    using "RM:2[prem]" by metis+
2602  AOT_thus Γ  φ  ψ
2603    by (simp add: "≡I")
2604qed
2605
2606AOT_theorem "RM:4":
2607  assumes  φ  ψ
2608  shows  φ  ψ
2609  using "RM:4[prem]" assms by blast
2610
2611lemmas "RE◇" = "RM:4"
2612
2613AOT_theorem "KBasic:1": φ  (ψ  φ)
2614  by (simp add: RM "pl:1"[axiom_inst])
2615
2616AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2617  by (simp add: RM "useful-tautologies:3")
2618
2619AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2620proof (rule "≡I"; rule "→I")
2621  AOT_assume (φ & ψ)
2622  AOT_thus φ & ψ
2623    by (meson RM "&I" "Conjunction Simplification"(1, 2) "→E")
2624next
2625  AOT_have φ  (ψ  (φ & ψ))
2626    by (simp add: "RM:1" Adjunction)
2627  AOT_hence φ  (ψ  (φ & ψ))
2628    by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2629  moreover AOT_assume φ & ψ
2630  ultimately AOT_show (φ & ψ)
2631    using "→E" "&E" by blast
2632qed
2633
2634AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2635proof -
2636  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2637    by (fact "KBasic:3")
2638  AOT_modally_strict {
2639    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2640      by (fact "conventions:3"[THEN "≡Df"])
2641  }
2642  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2643    by (rule RE)
2644  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2645    using "≡E"(5) by blast
2646qed
2647
2648AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2649proof -
2650  AOT_have (φ  ψ)  (φ  ψ)
2651    by (fact "qml:1"[axiom_inst])
2652  moreover AOT_have (ψ  φ)  (ψ  φ)
2653    by (fact "qml:1"[axiom_inst])
2654  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2655    by (metis "&I" MP "Double Composition")
2656  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2657    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2658  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2659    by (metis "Hypothetical Syllogism")
2660qed
2661
2662AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2663  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "→E" by blast
2664AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2665proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2666  AOT_assume φ & ψ
2667  AOT_hence φ and ψ using "&E" by blast+
2668  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2669  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2670  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2671next
2672  AOT_assume ¬φ & ¬ψ
2673  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2674  AOT_modally_strict {
2675    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2676      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2677  }
2678  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2679    by (rule RM)
2680  AOT_thus (φ  ψ) using 0 "→E" by blast
2681qed(auto)
2682
2683AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2684  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2685AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2686  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2687AOT_theorem "KBasic:10": φ  ¬¬φ
2688  by (simp add: "RM:3" "oth-class-taut:3:b")
2689AOT_theorem "KBasic:11": ¬φ  ¬φ
2690proof (rule "≡I"; rule "→I")
2691  AOT_show ¬φ if ¬φ
2692    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2693next
2694  AOT_show ¬φ if ¬φ
2695    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2696qed
2697AOT_theorem "KBasic:12": φ  ¬¬φ
2698proof (rule "≡I"; rule "→I")
2699  AOT_show ¬¬φ if φ
2700    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2701next
2702  AOT_show φ if ¬¬φ
2703  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2704qed
2705AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2706proof -
2707  AOT_have φ  ψ  φ  ψ by blast
2708  AOT_hence (φ  ψ)  φ  ψ
2709    using "RM:2[prem]" by blast
2710  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2711qed
2712lemmas "K◇" = "KBasic:13"
2713AOT_theorem "KBasic:14": φ  ¬¬φ
2714  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2715AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2716proof -
2717  AOT_modally_strict {
2718    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2719      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2720  }
2721  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2722    using RM by blast+
2723  AOT_thus (φ  ψ)  (φ  ψ)
2724    by (metis "∨E"(1) "deduction-theorem")
2725qed
2726
2727AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2728  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism"
2729            Importation "→E")
2730
2731AOT_theorem "rule-sub-lem:1:a":
2732  assumes  (ψ  χ)
2733  shows  ¬ψ  ¬χ
2734  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2735        "≡E"(1) "oth-class-taut:4:b" by blast
2736
2737AOT_theorem "rule-sub-lem:1:b":
2738  assumes  (ψ  χ)
2739  shows  (ψ  Θ)  (χ  Θ)
2740  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2741  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2742
2743AOT_theorem "rule-sub-lem:1:c":
2744  assumes  (ψ  χ)
2745  shows  (Θ  ψ)  (Θ  χ)
2746  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2747  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2748
2749AOT_theorem "rule-sub-lem:1:d":
2750  assumes for arbitrary α:  (ψ{α}  χ{α})
2751  shows  α ψ{α}  α χ{α}
2752proof -
2753  AOT_modally_strict {
2754    AOT_have α (ψ{α}  χ{α})
2755      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2756    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2757    AOT_show α ψ{α}  α χ{α}
2758    proof (rule "≡I"; rule "→I")
2759      AOT_assume α ψ{α}
2760      AOT_hence ψ{α} for α using "∀E" by blast
2761      AOT_hence χ{α} for α using 0 "≡E" by blast
2762      AOT_thus α χ{α} by (rule "∀I")
2763    next
2764      AOT_assume α χ{α}
2765      AOT_hence χ{α} for α using "∀E" by blast
2766      AOT_hence ψ{α} for α using 0 "≡E" by blast
2767      AOT_thus α ψ{α} by (rule "∀I")
2768    qed
2769  }
2770qed
2771
2772AOT_theorem "rule-sub-lem:1:e":
2773  assumes  (ψ  χ)
2774  shows   ψ]   χ]
2775  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2776  using "≡E"(1) "propositions-lemma:6" by blast
2777
2778AOT_theorem "rule-sub-lem:1:f":
2779  assumes  (ψ  χ)
2780  shows  𝒜ψ  𝒜χ
2781  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2782  by (metis "Act-Basic:5" "≡E"(1))
2783
2784AOT_theorem "rule-sub-lem:1:g":
2785  assumes  (ψ  χ)
2786  shows  ψ  χ
2787  using "KBasic:6" assms "vdash-properties:6" by blast
2788
2789text‹Note that instead of deriving @{text "rule-sub-lem:2"},
2790     @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2791     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2792
2793class AOT_subst =
2794  fixes AOT_subst :: "('a  𝗈)  bool"
2795    and AOT_subst_cond :: "'a  'a  bool"
2796  assumes AOT_subst:
2797    "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2798
2799named_theorems AOT_substI
2800
2801instantiation 𝗈 :: AOT_subst
2802begin
2803
2804inductive AOT_subst_𝗈 where
2805  AOT_subst_𝗈_id[AOT_substI]:
2806    AOT_subst_𝗈 (λφ. φ)
2807  | AOT_subst_𝗈_const[AOT_substI]:
2808    AOT_subst_𝗈 (λφ. ψ)
2809  | AOT_subst_𝗈_not[AOT_substI]:
2810    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)
2811  | AOT_subst_𝗈_imp[AOT_substI]:
2812    AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)
2813  | AOT_subst_𝗈_lambda0[AOT_substI]:
2814    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))
2815  | AOT_subst_𝗈_act[AOT_substI]:
2816    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)
2817  | AOT_subst_𝗈_box[AOT_substI]:
2818    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)
2819  | AOT_subst_𝗈_by_def[AOT_substI]:
2820    ( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ)) 
2821      AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ
2822
2823
2824definition AOT_subst_cond_𝗈 where
2825  AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]
2826
2827instance
2828proof
2829  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2830  assume cond: ‹AOT_subst_cond ψ χ
2831  assume ‹AOT_subst φ
2832  moreover AOT_have  ψ  χ
2833    using cond unfolding AOT_subst_cond_𝗈_def by blast
2834  ultimately AOT_show  φ{ψ}  φ{χ}
2835  proof (induct arbitrary: ψ χ)
2836    case AOT_subst_𝗈_id
2837    thus ?case
2838      using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2839  next
2840    case (AOT_subst_𝗈_const ψ)
2841    thus ?case
2842      by (simp add: "oth-class-taut:3:a")
2843  next
2844    case (AOT_subst_𝗈_not Θ)
2845    thus ?case
2846      by (simp add: RN "rule-sub-lem:1:a")
2847  next
2848    case (AOT_subst_𝗈_imp Θ Ξ)
2849    thus ?case
2850      by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2851  next
2852    case (AOT_subst_𝗈_lambda0 Θ)
2853    thus ?case
2854      by (simp add: RN "rule-sub-lem:1:e")
2855  next
2856    case (AOT_subst_𝗈_act Θ)
2857    thus ?case
2858      by (simp add: RN "rule-sub-lem:1:f")
2859  next
2860    case (AOT_subst_𝗈_box Θ)
2861    thus ?case
2862      by (simp add: RN "rule-sub-lem:1:g")
2863  next
2864    case (AOT_subst_𝗈_by_def Θ Ξ)
2865    AOT_modally_strict {
2866      AOT_have Ξ{ψ}  Ξ{χ}
2867        using AOT_subst_𝗈_by_def by simp
2868      AOT_thus Θ{ψ}  Θ{χ}
2869        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ]
2870              "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2871        by (metis "≡E"(6) "oth-class-taut:3:a")
2872    }
2873  qed
2874qed
2875end
2876
2877instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2878begin
2879
2880definition AOT_subst_cond_fun :: ('a  'b)  ('a  'b)  bool› where
2881  AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α))
2882                                                      (ψ (AOT_term_of_var α))
2883
2884inductive AOT_subst_fun :: (('a  'b)  𝗈)  bool› where
2885  AOT_subst_fun_const[AOT_substI]:
2886    AOT_subst_fun (λφ. ψ)
2887  | AOT_subst_fun_id[AOT_substI]:
2888    ‹AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))
2889  | AOT_subst_fun_all[AOT_substI]:
2890    ‹AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α))) 
2891     AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)
2892  | AOT_subst_fun_not[AOT_substI]:
2893    ‹AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)
2894  | AOT_subst_fun_imp[AOT_substI]:
2895    ‹AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)
2896  | AOT_subst_fun_lambda0[AOT_substI]:
2897    ‹AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))
2898  | AOT_subst_fun_act[AOT_substI]:
2899    ‹AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)
2900  | AOT_subst_fun_box[AOT_substI]:
2901    ‹AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)
2902  | AOT_subst_fun_def[AOT_substI]:
2903    ( φ . AOT_model_equiv_def (Θ φ) (Ψ φ)) 
2904     AOT_subst_fun Ψ  AOT_subst_fun Θ
2905
2906instance proof
2907  fix ψ χ :: 'a  'b and φ :: ('a  'b)  𝗈›
2908  assume ‹AOT_subst φ
2909  moreover assume cond: ‹AOT_subst_cond ψ χ
2910  ultimately AOT_show  «φ ψ»  «φ χ»
2911  proof(induct)
2912    case (AOT_subst_fun_const ψ)
2913    then show ?case by (simp add: "oth-class-taut:3:a")
2914  next
2915  case (AOT_subst_fun_id Ψ x)
2916  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2917  next
2918  next
2919  case (AOT_subst_fun_all Ψ Θ)
2920  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2921    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2922  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2923    by (simp add: RN "rule-sub-lem:1:d"
2924                  AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2925  next
2926  case (AOT_subst_fun_not Ψ)
2927  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2928  next
2929  case (AOT_subst_fun_imp Ψ Θ)
2930  then show ?case 
2931    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2932    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "→E")
2933  next
2934  case (AOT_subst_fun_lambda0 Θ)
2935  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2936  next
2937  case (AOT_subst_fun_act Θ)
2938  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2939  next
2940  case (AOT_subst_fun_box Θ)
2941  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2942  next
2943  case (AOT_subst_fun_def Θ Ψ)
2944  then show ?case
2945    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2946  qed
2947qed
2948end
2949
2950ML2951fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2952  fun findHeadConst (Const x) = SOME x
2953    | findHeadConst (A $ _) = findHeadConst A
2954    | findHeadConst _ = NONE
2955  fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _)
2956      = findHeadConst lhs
2957    | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2958    | findDef (Abs (_,_,c)) = findDef c
2959    | findDef _ = NONE
2960  val const_opt = (findDef trm)
2961  val defs = case const_opt of SOME const => List.filter (fn thm => let
2962      val concl = Thm.concl_of thm
2963      val thmconst = (findDef concl)
2964      in case thmconst of SOME (c,_) => fst const = c | _ => false end)
2965      (AOT_Definitions.get ctxt)
2966      | _ => []
2967  val tac = case defs of
2968            [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2969            | _ => resolve_tac ctxt defs 1
2970  in tac end) 1)
2971fun getSubstThm ctxt reversed phi p q = let
2972val p_ty = Term.type_of p
2973val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2974val abs = Syntax.check_term ctxt abs
2975val substThm = Goal.prove ctxt [] [] abs
2976  (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2977val substThm = substThm RS @{thm AOT_subst}
2978in if reversed then let
2979  val substThm = Drule.instantiate_normalize
2980          ([],[((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2981          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2982  val substThm = substThm RS @{thm "≡E"(1)}
2983  in substThm end
2984else
2985  let
2986  val substThm = Drule.instantiate_normalize
2987          ([],[((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2988          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2989  val substThm = substThm RS @{thm "≡E"(2)}
2990  in substThm end end
2991
2992
2993method_setup AOT_subst = 2994Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2995Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax) --
2996Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |--
2997Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) --
2998Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
2999>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
3000(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3001  prems = prems, asms = asms, concl = concl, schematics = _} =>
3002let
3003val thms = prems
3004val ctxt' = ctxt
3005val ctxt = Context_Position.set_visible false ctxt
3006val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
3007
3008val ctxt = (fold (fn (bound, ty) => fn ctxt =>
3009  let
3010    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
3011    val ty = Option.map (Syntax.read_typ ctxt) ty
3012    val ctxt = case ty of SOME ty => let
3013        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
3014        val bound = Syntax.check_term ctxt bound
3015      in Variable.declare_term bound ctxt end | _ => ctxt
3016  in ctxt end)) raw_bounds ctxt
3017
3018val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
3019val p = Syntax.check_term ctxt p
3020val ctxt = Variable.declare_term p ctxt
3021val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
3022val q = Syntax.check_term ctxt q
3023val ctxt = Variable.declare_term q ctxt
3024
3025val bounds = (map (fn (bound, _) =>
3026  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound)
3027)) raw_bounds
3028val p = fold (fn bound => fn p =>
3029  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)))
3030  bounds p
3031val p = Syntax.check_term ctxt p
3032val p_ty = Term.type_of p
3033
3034val pat = @{const Trueprop} $
3035  (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $
3036   (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
3037val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
3038val univ = hd (Seq.list_of univ) (* TODO: choose? try all? filter? *)
3039val phi = the (Envir.lookup univ
3040  (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
3041
3042val q = fold (fn bound => fn q =>
3043  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q))) bounds q
3044val q = Syntax.check_term ctxt q
3045
3046(* Reparse to report bounds as fixes. *)
3047val ctxt = Context_Position.restore_visible ctxt' ctxt
3048val ctxt' = ctxt
3049fun unsource str = fst (Input.source_content (Syntax.read_input str))
3050val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) =>
3051  (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds)
3052  ctxt'
3053val _ = (map (fn (x,_) =>
3054  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x)))
3055  raw_bounds
3056val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
3057val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
3058val reversed = case reversed of SOME _ => true | _ => false
3059val simpThms = [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]
3060in
3061resolve_tac ctxt [getSubstThm ctxt reversed phi p q] 1
3062THEN simp_tac (ctxt addsimps simpThms) 1
3063THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
3064THEN (TRY (resolve_tac ctxt thms 1))
3065end
3066) ctxt 1))))
3067
3068
3069method_setup AOT_subst_def = 3070Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3071Attrib.thm
3072>> (fn (reversed,fact) => (fn ctxt =>
3073(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3074  prems = prems, asms = asms, concl = concl, schematics = _} =>
3075let
3076val c = Thm.concl_of fact
3077val (lhs, rhs) = case c of (const‹Trueprop› $
3078    (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
3079  | _ => raise Fail "Definition expected."
3080val substCond = HOLogic.mk_Trueprop
3081  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3082val substCond = Syntax.check_term
3083  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3084  substCond
3085val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3086  @{thm AOT_subst_cond_fun_def},
3087  fact RS @{thm "≡Df"}]
3088val substCondThm = Goal.prove ctxt [] [] substCond
3089  (fn {context=ctxt, prems=prems} =>
3090      (SUBGOAL (fn (trm,int) =>
3091        auto_tac (ctxt addsimps simpThms)) 1))
3092val substThm = substCondThm RSN (2,@{thm AOT_subst})
3093in
3094resolve_tac ctxt [substThm RS
3095  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3096THEN prove_AOT_subst_tac ctxt
3097THEN (TRY (resolve_tac ctxt prems 1))
3098end
3099) ctxt 1))))
3100
3101
3102method_setup AOT_subst_thm = 3103Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3104Attrib.thm
3105>> (fn (reversed,fact) => (fn ctxt =>
3106(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3107  prems = prems, asms = asms, concl = concl, schematics = _} =>
3108let
3109val c = Thm.concl_of fact
3110val (lhs, rhs) = case c of
3111  (const‹Trueprop› $
3112   (const‹AOT_model_valid_in› $ _ $
3113    (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
3114  | _ => raise Fail "Equivalence expected."
3115
3116val substCond = HOLogic.mk_Trueprop
3117  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3118val substCond = Syntax.check_term
3119  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3120  substCond
3121val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3122  @{thm AOT_subst_cond_fun_def},
3123  fact]
3124val substCondThm = Goal.prove ctxt [] [] substCond
3125  (fn {context=ctxt, prems=prems} =>
3126      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps simpThms)) 1))
3127val substThm = substCondThm RSN (2,@{thm AOT_subst})
3128in
3129resolve_tac ctxt [substThm RS
3130  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3131THEN prove_AOT_subst_tac ctxt
3132THEN (TRY (resolve_tac ctxt prems 1))
3133end
3134) ctxt 1))))
3135
3136
3137AOT_theorem "rule-sub-remark:1[1]":
3138  assumes  A!x  ¬E!x and ¬A!x
3139  shows ¬¬E!x
3140  by (AOT_subst (reverse) ¬E!x A!x)
3141     (auto simp: assms) 
3142
3143AOT_theorem "rule-sub-remark:1[2]":
3144  assumes  A!x  ¬E!x and  ¬¬E!x
3145  shows ¬A!x
3146  by (AOT_subst A!x ¬E!x)
3147     (auto simp: assms)
3148
3149AOT_theorem "rule-sub-remark:2[1]":
3150  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3151      and p  [R]xy
3152  shows p  [R]xy & ([Q]a  ¬[Q]a)
3153  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3154
3155AOT_theorem "rule-sub-remark:2[2]":
3156  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3157      and p  [R]xy & ([Q]a  ¬[Q]a)
3158  shows p  [R]xy
3159  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3160
3161AOT_theorem "rule-sub-remark:3[1]":
3162  assumes for arbitrary x:  A!x  ¬E!x
3163      and x A!x
3164    shows x ¬E!x
3165  by (AOT_subst (reverse) ¬E!x A!x for: x)
3166     (auto simp: assms)
3167
3168AOT_theorem "rule-sub-remark:3[2]":
3169  assumes for arbitrary x:  A!x  ¬E!x
3170      and x ¬E!x
3171    shows x A!x
3172  by (AOT_subst A!x ¬E!x for: x)
3173     (auto simp: assms)
3174
3175AOT_theorem "rule-sub-remark:4[1]":
3176  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x
3177  shows 𝒜[P]x
3178  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3179
3180AOT_theorem "rule-sub-remark:4[2]":
3181  assumes  ¬¬[P]x  [P]x and 𝒜[P]x
3182  shows 𝒜¬¬[P]x
3183  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3184
3185AOT_theorem "rule-sub-remark:5[1]":
3186  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ)
3187  shows (¬ψ  ¬φ)
3188  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3189
3190AOT_theorem "rule-sub-remark:5[2]":
3191  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ)
3192  shows (φ  ψ) 
3193  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3194
3195AOT_theorem "rule-sub-remark:6[1]":
3196  assumes  ψ  χ and (φ  ψ)
3197  shows (φ  χ) 
3198  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3199
3200AOT_theorem "rule-sub-remark:6[2]":
3201  assumes  ψ  χ and (φ  χ)
3202  shows (φ  ψ)
3203  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3204
3205AOT_theorem "rule-sub-remark:7[1]":
3206  assumes  φ  ¬¬φ and (φ  φ)
3207  shows (¬¬φ  φ) 
3208  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3209
3210AOT_theorem "rule-sub-remark:7[2]":
3211  assumes  φ  ¬¬φ and (¬¬φ  φ)
3212  shows (φ  φ)
3213  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3214
3215AOT_theorem "KBasic2:1": ¬φ  ¬φ
3216  by (meson "conventions:5" "contraposition:2"
3217            "Hypothetical Syllogism" "df-rules-formulas[3]"
3218            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
3219
3220AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
3221proof -
3222  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
3223    by (simp add: "RE◇" "oth-class-taut:5:b")
3224  also AOT_have   ¬(¬φ & ¬ψ)
3225    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3226  also AOT_have   ¬(¬φ & ¬ψ)
3227    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
3228  also AOT_have   ¬(¬φ & ¬ψ)
3229    using "KBasic2:1"
3230    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ;
3231        auto simp: "oth-class-taut:3:a")
3232  also AOT_have   ¬¬(φ  ψ)
3233    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
3234  also AOT_have   φ  ψ
3235    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
3236  finally show ?thesis .
3237qed
3238
3239AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
3240  by (metis "RM◇" "&I" "Conjunction Simplification"(1,2)
3241            "→I" "modus-tollens:1" "reductio-aa:1")
3242
3243AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
3244proof -
3245  AOT_have (φ  ψ)  (¬φ  ψ)
3246    by (AOT_subst φ  ψ ¬φ  ψ)
3247       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
3248  also AOT_have ...  ¬φ  ψ
3249    by (simp add: "KBasic2:2")
3250  also AOT_have ...  ¬φ  ψ
3251    by (AOT_subst ¬φ ¬φ)
3252       (auto simp: "KBasic:11" "oth-class-taut:3:a")
3253  also AOT_have ...  φ  ψ
3254    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
3255  finally show ?thesis .
3256qed
3257
3258AOT_theorem "KBasic2:5": φ  ¬¬φ
3259  using "conventions:5"[THEN "≡Df"]
3260  by (AOT_subst φ ¬¬φ;
3261      AOT_subst ¬¬φ ¬¬¬¬φ;
3262      AOT_subst (reverse) ¬¬¬φ ¬φ)
3263     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
3264
3265
3266AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
3267proof(rule "→I"; rule "raa-cor:1")
3268  AOT_assume (φ  ψ)
3269  AOT_hence (¬φ  ψ)
3270    using "conventions:2"[THEN "≡Df"]
3271    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
3272  AOT_hence 1: ¬φ  ψ
3273    using "KBasic:13" "vdash-properties:10" by blast
3274  AOT_assume ¬(φ  ψ)
3275  AOT_hence ¬φ and ¬ψ
3276    using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
3277  AOT_thus ψ & ¬ψ
3278    using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
3279qed
3280
3281AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
3282proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3283  AOT_assume (φ  ψ)
3284  AOT_hence 1: φ  ψ
3285    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
3286  AOT_assume ¬φ
3287  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
3288  AOT_thus ψ using 1 "∨E"(2) by blast
3289qed
3290
3291AOT_theorem "T-S5-fund:1": φ  φ
3292  by (meson "≡dfI" "conventions:5" "contraposition:2"
3293            "Hypothetical Syllogism" "→I" "qml:2"[axiom_inst])
3294lemmas "T◇" = "T-S5-fund:1"
3295
3296AOT_theorem "T-S5-fund:2": φ  φ
3297proof(rule "→I")
3298  AOT_assume φ
3299  AOT_hence ¬¬φ
3300    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
3301  moreover AOT_have ¬φ  ¬φ
3302    by (fact "qml:3"[axiom_inst])
3303  ultimately AOT_have ¬¬φ
3304    using "modus-tollens:1" by blast
3305  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
3306qed
3307lemmas "5◇" = "T-S5-fund:2"
3308
3309AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
3310  by (AOT_subst 𝒜¬φ ¬𝒜φ)
3311     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
3312
3313AOT_theorem "Act-Sub:2": φ  𝒜φ
3314  using "conventions:5"[THEN "≡Df"]
3315  by (AOT_subst φ ¬¬φ)
3316     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
3317            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
3318
3319AOT_theorem "Act-Sub:3": 𝒜φ  φ
3320  using "conventions:5"[THEN "≡Df"]
3321  by (AOT_subst φ ¬¬φ)
3322     (metis "Act-Sub:1" "→I" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
3323
3324AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
3325proof (rule "≡I"; rule "→I")
3326  AOT_assume 𝒜φ
3327  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
3328next
3329  AOT_assume 𝒜φ
3330  AOT_hence ¬¬𝒜φ
3331    using "≡dfE" "conventions:5" by blast
3332  AOT_hence ¬𝒜¬φ
3333    by (AOT_subst 𝒜¬φ ¬𝒜φ)
3334       (simp add: "logic-actual-nec:1"[axiom_inst])
3335  AOT_thus 𝒜φ
3336    using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4)
3337          "reductio-aa:1" by blast
3338qed
3339
3340AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
3341  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "→I" "≡E"(1) "≡E"(2) "→E")
3342
3343AOT_theorem "S5Basic:1": φ  φ
3344  by (simp add: "≡I" "qml:2"[axiom_inst] "qml:3"[axiom_inst])
3345
3346AOT_theorem "S5Basic:2": φ  φ
3347  by (simp add: "T◇" "5◇" "≡I")
3348
3349AOT_theorem "S5Basic:3": φ  φ
3350  using "T◇" "Hypothetical Syllogism" "qml:3"[axiom_inst] by blast
3351lemmas "B" = "S5Basic:3"
3352
3353AOT_theorem "S5Basic:4": φ  φ
3354  using "5◇" "Hypothetical Syllogism" "qml:2"[axiom_inst] by blast
3355lemmas "B◇" = "S5Basic:4"
3356
3357AOT_theorem "S5Basic:5": φ  φ
3358  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
3359lemmas "4" = "S5Basic:5"
3360
3361AOT_theorem "S5Basic:6": φ  φ
3362  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
3363
3364AOT_theorem "S5Basic:7": φ  φ
3365  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
3366  by (AOT_subst φ ¬¬φ;
3367      AOT_subst φ ¬¬φ;
3368      AOT_subst (reverse) ¬¬¬φ ¬φ;
3369      AOT_subst (reverse) ¬φ ¬φ)
3370     (auto simp: "S5Basic:6" "if-p-then-p")
3371
3372lemmas "4◇" = "S5Basic:7"
3373
3374AOT_theorem "S5Basic:8": φ  φ
3375  by (simp add: "4◇" "T◇" "≡I")
3376
3377AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
3378  apply (rule "≡I"; rule "→I")
3379  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10"
3380   apply blast
3381  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1)
3382            "con-dis-taut:7" "intro-elim:1" "Commutativity of ∨")
3383
3384AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
3385(* Note: nicely this proof is entirely sledgehammer generated *)
3386proof(rule "≡I"; rule "→I")
3387  AOT_assume (φ  ψ)
3388  AOT_hence φ  ψ
3389    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
3390  AOT_thus φ  ψ
3391    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
3392next
3393  AOT_assume φ  ψ
3394  AOT_hence φ  ψ
3395    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
3396  AOT_thus (φ  ψ)
3397    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1,2))
3398qed
3399
3400AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
3401proof -
3402  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
3403    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
3404       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
3405  also AOT_have   ¬(¬φ  ¬ψ)
3406    by (AOT_subst ¬ψ ¬ψ)
3407       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
3408  also AOT_have   ¬(¬φ  ¬ψ)
3409    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3410  also AOT_have   ¬(¬φ  ¬ψ)
3411    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
3412  also AOT_have   ¬(¬φ  ¬ψ)
3413    using "KBasic2:1"
3414    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
3415       (auto simp:  "oth-class-taut:3:a")
3416  also AOT_have   φ & ψ
3417    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
3418  finally show ?thesis .
3419qed
3420
3421AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
3422proof (rule "≡I"; rule "→I")
3423  AOT_assume (φ & ψ)
3424  AOT_hence φ & ψ
3425    using "KBasic2:3" "vdash-properties:6" by blast
3426  AOT_thus φ & ψ
3427    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
3428next
3429  AOT_assume φ & ψ
3430  moreover AOT_have (ψ & φ)  (φ & ψ)
3431    by (AOT_subst φ & ψ ψ & φ)
3432       (auto simp: "Commutativity of &" "KBasic:16")
3433  ultimately AOT_show (φ & ψ)
3434    by (metis "4" "&I" "Conjunction Simplification"(1,2) "→E")
3435qed
3436
3437AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
3438proof (rule "≡I")
3439  AOT_modally_strict {
3440    AOT_have (φ  ψ)  (φ  ψ)
3441      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "→I")
3442  }
3443  AOT_hence (φ  ψ)  (φ  ψ)
3444    by (rule RM)
3445  AOT_thus  (φ  ψ)  (φ  ψ)
3446    using "4" "Hypothetical Syllogism" by blast
3447next
3448  AOT_modally_strict {
3449    AOT_have (φ  ψ)  (φ  ψ)
3450      by (meson "B" "Hypothetical Syllogism" "→I" "qml:1"[axiom_inst])
3451  }
3452  AOT_hence  (φ  ψ)  (φ  ψ)
3453    by (rule RM)
3454  AOT_thus (φ  ψ)  (φ  ψ)
3455    using "4" "Hypothetical Syllogism" by blast
3456qed
3457
3458AOT_theorem "derived-S5-rules:1":
3459  assumes Γ  φ  ψ
3460  shows Γ  φ  ψ
3461proof -
3462  AOT_have Γ  φ  ψ
3463    using assms by (rule "RM:1[prem]")
3464  AOT_thus Γ  φ  ψ
3465    using "B" "Hypothetical Syllogism" by blast
3466qed
3467
3468AOT_theorem "derived-S5-rules:2":
3469  assumes Γ  φ  ψ
3470  shows Γ  φ  ψ
3471proof -
3472  AOT_have Γ  φ  ψ
3473    using assms by (rule "RM:2[prem]")
3474  AOT_thus Γ  φ  ψ
3475    using "B◇" "Hypothetical Syllogism" by blast
3476qed
3477
3478AOT_theorem "BFs:1": α φ{α}  α φ{α}
3479proof -
3480  AOT_modally_strict {
3481    AOT_have α φ{α}  φ{α} for α
3482      using "cqt-orig:3" by (rule "RM◇")
3483    AOT_hence α φ{α}  α φ{α}
3484      using "B◇" "∀I" "→E" "→I" by metis
3485  }
3486  thus ?thesis
3487    using "derived-S5-rules:1" by blast
3488qed
3489lemmas "BF" = "BFs:1"
3490
3491AOT_theorem "BFs:2": α φ{α}  α φ{α}
3492proof -
3493  AOT_have α φ{α}  φ{α} for α
3494    using RM "cqt-orig:3" by metis
3495  thus ?thesis
3496    using "cqt-orig:2"[THEN "→E"] "∀I" by metis
3497qed
3498lemmas "CBF" = "BFs:2"
3499
3500AOT_theorem "BFs:3": α φ{α}  α φ{α}
3501proof(rule "→I")
3502  AOT_modally_strict {
3503    AOT_have α ¬φ{α}  α ¬φ{α}
3504      using BF CBF "≡I" by blast
3505  } note θ = this
3506
3507  AOT_assume α φ{α}
3508  AOT_hence ¬¬(α φ{α})
3509    using "≡dfE" "conventions:5" by blast
3510  AOT_hence ¬α ¬φ{α}
3511    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
3512    using "≡dfI" "conventions:3" "conventions:4" "&I"
3513          "contraposition:2" "cqt-further:4"
3514          "df-rules-formulas[3]" by blast
3515  AOT_hence ¬α ¬φ{α}
3516    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
3517    using θ by blast
3518  AOT_hence ¬α ¬¬¬φ{α}
3519    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
3520       (simp add: "oth-class-taut:3:b")
3521  AOT_hence α ¬¬φ{α}
3522    by (rule "conventions:4"[THEN "≡dfI"])
3523  AOT_thus α φ{α}
3524    using "conventions:5"[THEN "≡Df"]
3525    by (AOT_subst φ{α} ¬¬φ{α} for: α)
3526qed
3527lemmas "BF◇" = "BFs:3"
3528
3529AOT_theorem "BFs:4": α φ{α}  α φ{α}
3530proof(rule "→I")
3531  AOT_assume α φ{α}
3532  AOT_hence ¬α ¬φ{α}
3533    using "conventions:4"[THEN "≡dfE"] by blast
3534  AOT_hence ¬α ¬φ{α}
3535    using "KBasic2:1"
3536    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
3537  moreover AOT_have α ¬φ{α}  α ¬φ{α}
3538    using "≡I" "BF" "CBF" by metis
3539  ultimately AOT_have 1: ¬α ¬φ{α}
3540    using "≡E"(3) by blast
3541  AOT_show α φ{α}
3542    apply (rule "conventions:5"[THEN "≡dfI"])
3543    apply (AOT_subst α φ{α} ¬α ¬φ{α})
3544     apply (simp add: "conventions:4" "≡Df")
3545    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
3546    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
3547qed
3548lemmas "CBF◇" = "BFs:4"
3549
3550AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
3551proof(rule "→I")
3552  AOT_assume α φ{α}
3553  then AOT_obtain α where φ{α} using "∃E" by metis
3554  moreover AOT_have α
3555    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
3556  moreover AOT_have φ{τ}, τ  α φ{α} for τ
3557  proof -
3558    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
3559    AOT_thus φ{τ}, τ  α φ{α}
3560      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
3561  qed
3562  ultimately AOT_show α φ{α} by blast
3563qed
3564lemmas Buridan = "sign-S5-thm:1"
3565
3566AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
3567proof -
3568  AOT_have α (α φ{α}  φ{α})
3569    by (simp add: "RM◇" "cqt-orig:3" "∀I")
3570  AOT_thus α φ{α}  α φ{α}
3571    using "∀E"(4) "∀I" "→E" "→I" by metis
3572qed
3573lemmas "Buridan◇" = "sign-S5-thm:2"
3574
3575AOT_theorem "sign-S5-thm:3":
3576  α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
3577  apply (rule "RM:2")
3578  by (metis (no_types, lifting) "∃E" "&I" "&E"(1) "&E"(2) "→I" "∃I"(2))
3579
3580AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
3581  apply (rule "RM:2")
3582  by (meson "instantiation" "&E"(1) "→I" "∃I"(2))
3583
3584AOT_theorem "sign-S5-thm:5":
3585  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
3586proof -
3587  {
3588    fix φ' ψ' χ'
3589    AOT_assume  φ' & ψ'  χ'
3590    AOT_hence φ' & ψ'  χ'
3591      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3592      using "&E" "&I" "→E" "→I" by metis
3593  } note R = this
3594  show ?thesis by (rule R; fact AOT)
3595qed
3596
3597AOT_theorem "sign-S5-thm:6":
3598  (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
3599proof -
3600  {
3601    fix φ' ψ' χ'
3602    AOT_assume  φ' & ψ'  χ'
3603    AOT_hence φ' & ψ'  χ'
3604      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3605      using "&E" "&I" "→E" "→I" by metis
3606  } note R = this
3607  show ?thesis by (rule R; fact AOT)
3608qed
3609
3610AOT_theorem "exist-nec2:1": τ  τ
3611  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
3612
3613AOT_theorem "exists-nec2:2": τ  τ
3614  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec"
3615            "exist-nec2:1" "≡I" "nec-imp-act")
3616
3617AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3618  using "KBasic2:1" "→I" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3619
3620AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3621  by (metis "Act-Sub:3" "KBasic:12" "→I" "exist-nec" "exists-nec2:3"
3622            "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3623
3624AOT_theorem "id-nec2:1": α = β  α = β
3625  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3626
3627AOT_theorem "id-nec2:2": α  β  α  β
3628  apply (AOT_subst α  β ¬(α = β))
3629  using "=-infix"[THEN "≡Df"] apply blast
3630  using "KBasic2:1" "→I" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3631
3632AOT_theorem "id-nec2:3": α  β  α  β
3633  apply (AOT_subst α  β ¬(α = β))
3634  using "=-infix"[THEN "≡Df"] apply blast
3635  by (metis "KBasic:11" "→I" "id-nec:2" "≡E"(3) "reductio-aa:2" "→E")
3636
3637AOT_theorem "id-nec2:4": α = β  α = β
3638  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3639
3640AOT_theorem "id-nec2:5": α  β  α  β
3641  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3642
3643AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3644  apply (rule "≡I"; rule "→I")
3645  using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" apply blast
3646  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2)
3647            "raa-cor:5" "→E")
3648
3649AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3650  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "→I" "≡I"
3651            "nec-imp-act" "raa-cor:2" "→E")
3652
3653AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3654proof (rule "→I"; rule "≡I"; rule "→I")
3655  AOT_assume (φ  φ)
3656  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3657  moreover AOT_assume ¬φ
3658  ultimately AOT_have ¬φ
3659    using "modus-tollens:1" by blast
3660  AOT_thus ¬φ
3661    using "KBasic2:1" "≡E"(2) by blast
3662next
3663  AOT_assume (φ  φ)
3664  moreover AOT_assume ¬φ
3665  ultimately AOT_show ¬φ
3666    using "modus-tollens:1" "qml:2"[axiom_inst] "→E" by blast
3667qed
3668
3669AOT_theorem "sc-eq-box-box:4":
3670  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3671proof(rule "→I"; rule "→I")
3672  AOT_assume θ: (φ  φ) & (ψ  ψ)
3673  AOT_assume ξ: φ  ψ
3674  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3675    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3676  moreover {
3677    AOT_assume φ & ψ
3678    AOT_hence (φ  ψ)
3679      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3680  }
3681  moreover {
3682    AOT_assume ¬φ & ¬ψ
3683    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3684      using θ "Conjunction Simplification"(1,2)
3685            "sc-eq-box-box:3" "→E" by metis+
3686    ultimately AOT_have ¬φ & ¬ψ
3687      by (metis "&I" "Conjunction Simplification"(1,2)
3688                "≡E"(4) "modus-tollens:1" "raa-cor:3")
3689    AOT_hence (φ  ψ)
3690      using "KBasic:3" "KBasic:9" "≡E"(2) "→E" by blast
3691  }
3692  ultimately AOT_show (φ  ψ)
3693    using "∨E"(2) "reductio-aa:1" by blast
3694qed
3695
3696AOT_theorem "sc-eq-box-box:5":
3697  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3698proof (rule "→I")
3699  AOT_assume ((φ  φ) & (ψ  ψ))
3700  AOT_hence ((φ  φ) & (ψ  ψ))
3701    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3702  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3703  proof (rule RM; rule "→I"; rule "→I")
3704    AOT_modally_strict {
3705      AOT_assume A: ((φ  φ) & (ψ  ψ))
3706      AOT_hence φ  φ and ψ  ψ
3707        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3708      moreover AOT_assume φ  ψ
3709      ultimately AOT_have φ  ψ
3710        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3711      moreover AOT_have (φ  ψ)  (φ  ψ)
3712        using A "sc-eq-box-box:4" "→E" by blast
3713      ultimately AOT_show (φ  ψ) using "→E" by blast
3714    }
3715  qed
3716  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3717qed
3718
3719AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3720proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3721  AOT_assume ¬(φ  ψ)
3722  AOT_hence ¬(φ  ψ)
3723    by (metis "KBasic:11" "≡E"(1))
3724  AOT_hence (φ & ¬ψ)
3725    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3726       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3727  AOT_hence φ and 2: ¬ψ
3728    using "KBasic2:3"[THEN "→E"] "&E" by blast+
3729  moreover AOT_assume (φ  φ)
3730  ultimately AOT_have φ
3731    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3732  AOT_hence φ
3733    using "qml:2"[axiom_inst, THEN "→E"] by blast
3734  moreover AOT_assume φ  ψ
3735  ultimately AOT_have ψ
3736    using "→E" by blast
3737  moreover AOT_have ¬ψ
3738    using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3739  ultimately AOT_show ψ & ¬ψ
3740    using "&I" by blast
3741qed
3742
3743AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3744proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3745  AOT_assume ¬𝒜(φ  ψ)
3746  AOT_hence 𝒜¬(φ  ψ)
3747    by (metis "Act-Basic:1" "∨E"(2))
3748  AOT_hence 𝒜(φ & ¬ψ)
3749    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3750       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3751  AOT_hence 𝒜φ and 2: 𝒜¬ψ
3752    using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3753  AOT_hence φ
3754    by (metis "Act-Sub:3" "→E")
3755  moreover AOT_assume (φ  φ)
3756  ultimately AOT_have φ
3757    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3758  AOT_hence φ
3759    using "qml:2"[axiom_inst, THEN "→E"] by blast
3760  moreover AOT_assume φ  𝒜ψ
3761  ultimately AOT_have 𝒜ψ
3762    using "→E" by blast
3763  moreover AOT_have ¬𝒜ψ
3764    using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3765  ultimately AOT_show 𝒜ψ & ¬𝒜ψ
3766    using "&I" by blast
3767qed
3768
3769AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3770  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3771
3772AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3773  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism"
3774            "→I" "≡I" "nec-imp-act")
3775
3776AOT_theorem "sc-eq-fur:3":
3777  x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3778proof (rule "→I"; rule "→I")
3779  AOT_assume x (φ{x}  φ{x})
3780  AOT_hence A: x (φ{x}  φ{x})
3781    using CBF "→E" by blast
3782  AOT_assume ∃!x φ{x}
3783  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3784    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3785  moreover AOT_have φ{a}
3786    using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3787  AOT_hence 𝒜φ{a}
3788    using "nec-imp-act" "→E" by blast
3789  moreover AOT_have y (𝒜φ{y}  y = a)
3790  proof (rule "∀I"; rule "→I")
3791    fix b
3792    AOT_assume 𝒜φ{b}
3793    AOT_hence φ{b}
3794      using "Act-Sub:3" "→E" by blast
3795    moreover {
3796      AOT_have (φ{b}  φ{b})
3797        using A "∀E"(2) by blast
3798      AOT_hence φ{b}  φ{b}
3799        using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" by blast
3800    }
3801    ultimately AOT_have φ{b}
3802      using "→E" by blast
3803    AOT_hence φ{b}
3804      using "qml:2"[axiom_inst] "→E" by blast
3805    AOT_thus b = a
3806      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3807  qed
3808  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3809    using "&I" by blast
3810  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x))
3811    using "∃I" by fast
3812  AOT_hence ∃!x 𝒜φ{x}
3813    using "uniqueness:1"[THEN "≡dfI"] by fast
3814  AOT_thus ιx φ{x}
3815    using "actual-desc:1"[THEN "≡E"(2)] by blast
3816qed
3817
3818AOT_theorem "sc-eq-fur:4":
3819x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3820proof (rule "→I")
3821  AOT_assume x (φ{x}  φ{x})
3822  AOT_hence x (φ{x}  φ{x})
3823    using CBF "→E" by blast
3824  AOT_hence A: 𝒜φ{α}  φ{α} for α
3825    using "sc-eq-fur:2" "∀E" "→E" by fast
3826  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3827  proof (rule "≡I"; rule "→I")
3828    AOT_assume x = ιx φ{x}
3829    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3830      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3831    AOT_show φ{x} & z (φ{z}  z = x)
3832    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3833      AOT_show φ{x}
3834        using A B[THEN "&E"(1)] "≡E"(1) by blast
3835    next
3836      AOT_show z = x if φ{z} for z
3837        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3838    qed
3839  next
3840    AOT_assume B: φ{x} & z (φ{z}  z = x)
3841    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3842    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3843      AOT_show 𝒜φ{x}
3844        using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3845    next
3846      AOT_show b = x if 𝒜φ{b} for b
3847        using A[THEN "≡E"(1)] that
3848              B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3849    qed
3850    AOT_thus x = ιx φ{x}
3851      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3852  qed
3853qed
3854
3855AOT_theorem "id-act:1": α = β  𝒜α = β
3856  by (meson "Act-Sub:3" "Hypothetical Syllogism"
3857            "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3858
3859AOT_theorem "id-act:2": α  β  𝒜α  β
3860proof (AOT_subst α  β ¬(α = β))
3861  AOT_modally_strict {
3862    AOT_show α  β  ¬(α = β)
3863      by (simp add: "=-infix" "≡Df")
3864  }
3865next
3866  AOT_show ¬(α = β)  𝒜¬(α = β)
3867  proof (safe intro!: "≡I" "→I")
3868    AOT_assume ¬α = β
3869    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3870    AOT_thus 𝒜¬α = β
3871      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3872  next
3873    AOT_assume 𝒜¬α = β
3874    AOT_hence ¬𝒜α = β
3875      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3876    AOT_thus ¬α = β
3877      using "id-act:1" "≡E"(4) by blast
3878  qed
3879qed
3880
3881AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3882proof -
3883  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3884    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3885       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3886  also AOT_have   α 𝒜β (φ{β}  β = α)
3887    by (simp add: "Act-Basic:10")
3888  also AOT_have   αβ 𝒜(φ{β}  β = α)
3889    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3890       (auto simp: "logic-actual-nec:3"[axiom_inst] "oth-class-taut:3:a")
3891  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3892    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α
3893                            𝒜(φ{β}  β = α) for: α β :: 'a)
3894       (auto simp: "Act-Basic:5" "cqt-further:7")
3895  also AOT_have   αβ (𝒜φ{β}  β = α)
3896    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3897       (auto simp: "id-act:1" "cqt-further:7")
3898  also AOT_have ...  ∃!α 𝒜φ{α}
3899    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3900  finally show ?thesis.
3901qed
3902
3903AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3904  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3905     (auto simp: "actual-desc:1" "A-Exists:1")
3906
3907AOT_theorem "id-act-desc:1": ιx (x = y)
3908proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3909  AOT_show x E!x  E!x]ιx (x = y)
3910  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)];
3911         rule "∃I"; (rule "&I")+)
3912    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3913  next
3914    AOT_show z (𝒜z = y  z = y)
3915      apply (rule "∀I")
3916      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3917  next
3918    AOT_show x E!x  E!x]y
3919    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3920      AOT_show x E!x  E!x]
3921        by "cqt:2[lambda]"
3922    next
3923      AOT_show E!y  E!y 
3924        by (simp add: "if-p-then-p")
3925    qed
3926  qed
3927next
3928  AOT_show x E!x  E!x]
3929    by "cqt:2[lambda]"
3930qed
3931
3932AOT_theorem "id-act-desc:2": y = ιx (x = y)
3933  by (rule descriptions[axiom_inst, THEN "≡E"(2)];
3934      rule "∀I"; rule "id-act:1"[symmetric])
3935
3936AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3937  by (simp add: encoding "vdash-properties:1[2]")
3938
3939AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3940proof (rule "→I")
3941  AOT_assume x1x2[F]
3942  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3943    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3944  moreover AOT_have y [F]yx2] by "cqt:2"
3945  moreover AOT_have y [F]x1y] by "cqt:2"
3946  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3947    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3948  note A = this
3949  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3950    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3951  AOT_thus x1x2[F]
3952    by (rule "nary-encoding[2]"[axiom_inst, THEN RN,
3953                                THEN "KBasic:6"[THEN "→E"],
3954                                THEN "≡E"(2)])
3955qed
3956
3957AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3958proof (rule "→I")
3959  AOT_assume x1x2x3[F]
3960  AOT_hence x1y [F]yx2x3]
3961        and x2y [F]x1yx3]
3962        and x3y [F]x1x2y]
3963    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3964  moreover AOT_have y [F]yx2x3] by "cqt:2"
3965  moreover AOT_have y [F]x1yx3] by "cqt:2"
3966  moreover AOT_have y [F]x1x2y] by "cqt:2"
3967  ultimately AOT_have x1y [F]yx2x3]
3968                  and x2y [F]x1yx3]
3969                  and x3y [F]x1x2y]
3970    using encoding[axiom_inst, unvarify F] "→E" by blast+
3971  note A = this
3972  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3973    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3974  AOT_thus x1x2x3[F]
3975    by (rule "nary-encoding[3]"[axiom_inst, THEN RN,
3976                THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3977qed
3978
3979AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3980proof (rule "→I")
3981  AOT_assume x1x2x3x4[F]
3982  AOT_hence x1y [F]yx2x3x4]
3983        and x2y [F]x1yx3x4]
3984        and x3y [F]x1x2yx4]
3985        and x4y [F]x1x2x3y]
3986    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3987  moreover AOT_have y [F]yx2x3x4] by "cqt:2"
3988  moreover AOT_have y [F]x1yx3x4] by "cqt:2"
3989  moreover AOT_have y [F]x1x2yx4] by "cqt:2"
3990  moreover AOT_have y [F]x1x2x3y] by "cqt:2"
3991  ultimately AOT_have x1y [F]yx2x3x4]
3992                  and x2y [F]x1yx3x4]
3993                  and x3y [F]x1x2yx4]
3994                  and x4y [F]x1x2x3y]
3995    using "→E" encoding[axiom_inst, unvarify F] by blast+
3996  note A = this
3997  AOT_have B: (x1y [F]yx2x3x4] &
3998                  x2y [F]x1yx3x4] &
3999                  x3y [F]x1x2yx4] &
4000                  x4y [F]x1x2x3y])
4001    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
4002  AOT_thus x1x2x3x4[F]
4003    by (rule "nary-encoding[4]"[axiom_inst, THEN RN,
4004              THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
4005qed
4006
4007AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
4008proof (rule "→I"; rule "raa-cor:1")
4009  AOT_assume ¬¬x1[F]
4010  AOT_hence x1[F]
4011    by (rule "conventions:5"[THEN "≡dfI"])
4012  AOT_hence x1[F]
4013    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN],
4014              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4015  moreover AOT_assume ¬x1[F]
4016  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
4017qed
4018AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
4019proof (rule "→I"; rule "raa-cor:1")
4020  AOT_assume ¬¬x1x2[F]
4021  AOT_hence x1x2[F]
4022    by (rule "conventions:5"[THEN "≡dfI"])
4023  AOT_hence x1x2[F]
4024    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN],
4025              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4026  moreover AOT_assume ¬x1x2[F]
4027  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
4028qed
4029
4030AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4031proof (rule "→I"; rule "raa-cor:1")
4032  AOT_assume ¬¬x1x2x3[F]
4033  AOT_hence x1x2x3[F]
4034    by (rule "conventions:5"[THEN "≡dfI"])
4035  AOT_hence x1x2x3[F]
4036    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN],
4037              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4038  moreover AOT_assume ¬x1x2x3[F]
4039  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
4040qed
4041
4042AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4043proof (rule "→I"; rule "raa-cor:1")
4044  AOT_assume ¬¬x1x2x3x4[F]
4045  AOT_hence x1x2x3x4[F]
4046    by (rule "conventions:5"[THEN "≡dfI"])
4047  AOT_hence x1x2x3x4[F]
4048    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN],
4049                         THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4050  moreover AOT_assume ¬x1x2x3x4[F]
4051  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
4052qed
4053
4054AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
4055  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4056AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
4057  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4058AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
4059  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4060AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
4061  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4062
4063AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
4064  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
4065AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
4066  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
4067AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
4068  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
4069AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
4070  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
4071
4072AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
4073  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[1]"] "≡I" by blast
4074AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
4075  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[2]"] "≡I" by blast
4076AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
4077  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[3]"] "≡I" by blast
4078AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
4079  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[4]"] "≡I" by blast
4080
4081AOT_theorem "en-eq:4[1]":
4082  (x1[F]  y1[G])  (x1[F]  y1[G])
4083  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4084  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
4085AOT_theorem "en-eq:4[2]":
4086  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4087  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4088  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
4089AOT_theorem "en-eq:4[3]":
4090  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4091  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4092  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
4093AOT_theorem "en-eq:4[4]":
4094  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4095  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4096  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
4097
4098AOT_theorem "en-eq:5[1]":
4099  (x1[F]  y1[G])  (x1[F]  y1[G])
4100  apply (rule "≡I"; rule "→I")
4101  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4102   apply blast
4103  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4104        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]]
4105  by blast
4106AOT_theorem "en-eq:5[2]":
4107  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4108  apply (rule "≡I"; rule "→I")
4109  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4110   apply blast
4111  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4112        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]]
4113  by blast
4114AOT_theorem "en-eq:5[3]":
4115  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4116  apply (rule "≡I"; rule "→I")
4117  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4118   apply blast
4119  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4120        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]]
4121  by blast
4122AOT_theorem "en-eq:5[4]":
4123  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4124  apply (rule "≡I"; rule "→I")
4125  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4126   apply blast
4127  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4128        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]]
4129  by blast
4130
4131AOT_theorem "en-eq:6[1]":
4132  (x1[F]  y1[G])  (x1[F]  y1[G])
4133  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
4134AOT_theorem "en-eq:6[2]":
4135  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4136  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
4137AOT_theorem "en-eq:6[3]":
4138  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4139  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
4140AOT_theorem "en-eq:6[4]":
4141  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4142  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
4143
4144AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
4145  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
4146AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
4147  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
4148AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4149  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
4150AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4151  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
4152
4153AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
4154  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4155        "KBasic:11" "≡E"(5)[symmetric] by blast
4156AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
4157  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4158        "KBasic:11" "≡E"(5)[symmetric] by blast
4159AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4160  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4161        "KBasic:11" "≡E"(5)[symmetric] by blast
4162AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4163  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4164        "KBasic:11" "≡E"(5)[symmetric] by blast
4165
4166AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
4167  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
4168AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
4169  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
4170AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4171  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
4172AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4173  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
4174
4175AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
4176  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4177            "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
4178AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
4179  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4180            "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
4181AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
4182  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4183            "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
4184AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
4185  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4186            "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
4187
4188AOT_theorem "oa-facts:1": O!x  O!x
4189proof(rule "→I")
4190  AOT_modally_strict {
4191    AOT_have x E!x]x  E!x
4192      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4193  } note θ = this
4194  AOT_assume O!x
4195  AOT_hence x E!x]x
4196    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4197  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
4198  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
4199  AOT_hence x E!x]x
4200    by (AOT_subst x E!x]x E!x)
4201       (auto simp: θ)
4202  AOT_thus O!x
4203    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4204qed
4205
4206AOT_theorem "oa-facts:2": A!x  A!x
4207proof(rule "→I")
4208  AOT_modally_strict {
4209    AOT_have x ¬E!x]x  ¬E!x
4210      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4211  } note θ = this
4212  AOT_assume A!x
4213  AOT_hence x ¬E!x]x
4214    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2"
4215  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
4216  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
4217  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
4218  AOT_hence ¬E!x
4219    using "KBasic2:1"
4220    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
4221  AOT_hence x ¬E!x]x
4222    by (AOT_subst x ¬E!x]x ¬E!x)
4223       (auto simp: θ)
4224  AOT_thus A!x
4225    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
4226qed
4227
4228AOT_theorem "oa-facts:3": O!x  O!x
4229  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4230AOT_theorem "oa-facts:4": A!x  A!x
4231  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4232
4233AOT_theorem "oa-facts:5": O!x  O!x
4234  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4235            "oa-facts:1" "oa-facts:3")
4236
4237AOT_theorem "oa-facts:6": A!x  A!x
4238  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4239            "oa-facts:2" "oa-facts:4")
4240
4241AOT_theorem "oa-facts:7": O!x  𝒜O!x
4242  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4243            "oa-facts:1" "oa-facts:3")
4244
4245AOT_theorem "oa-facts:8": A!x  𝒜A!x
4246  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4247            "oa-facts:2" "oa-facts:4")
4248
4249subsection‹The Theory of Relations›
4250text‹\label{PLM: 9.10}›
4251
4252AOT_theorem "beta-C-meta":
4253  μ1...μn φ{μ1...μn, ν1...νn}] 
4254   (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4255  using "lambda-predicates:2"[axiom_inst] by blast
4256
4257AOT_theorem "beta-C-cor:1":
4258  (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}])) 
4259   ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4260  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
4261  using "beta-C-meta" "∀I" by fast
4262
4263AOT_theorem "beta-C-cor:2":
4264  μ1...μn φ{μ1...μn}] 
4265   ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
4266  apply (rule "→I"; rule "∀I")
4267  using "beta-C-meta"[THEN "→E"] by fast
4268
4269(* TODO: syntax *)
4270theorem "beta-C-cor:3":
4271  assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
4272  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn, μ1...μn}]ν1...νn 
4273                         φ{ν1...νn, ν1...νn})]
4274  using "cqt:2[lambda]"[axiom_inst, OF assms]
4275        "beta-C-cor:1"[THEN "→E"] "∀I" by fast
4276
4277AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
4278proof -
4279  AOT_modally_strict {
4280    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
4281    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
4282      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
4283    ultimately AOT_show φ{κ1...κn}
4284      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
4285  }
4286qed
4287
4288AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
4289  using "betaC:1:a" "raa-cor:3" by blast
4290
4291lemmas "β→C" = "betaC:1:a" "betaC:1:b"
4292
4293AOT_theorem "betaC:2:a":
4294  μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4295   μ1...μn φ{μ1...μn}]κ1...κn
4296proof -
4297  AOT_modally_strict {
4298    AOT_assume 1: μ1...μn φ{μ1...μn}]
4299           and 2: κ1...κn
4300           and 3: φ{κ1...κn}
4301    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
4302      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)]
4303      by blast
4304  }
4305  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4306            μ1...μn φ{μ1...μn}]κ1...κn
4307    by blast
4308qed
4309
4310AOT_theorem "betaC:2:b":
4311  μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn 
4312   ¬φ{κ1...κn}
4313  using "betaC:2:a" "raa-cor:3" by blast
4314
4315lemmas "β←C" = "betaC:2:a" "betaC:2:b"
4316
4317AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
4318  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
4319
4320(* Note: generalized alphabetic variant of the last theorem *)
4321AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
4322  using "eta-conversion-lemma1:1".
4323
4324text‹Note: not explicitly part of PLM.›
4325AOT_theorem id_sym:
4326  assumes τ = τ'
4327  shows τ' = τ
4328  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
4329        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
4330declare id_sym[sym]
4331
4332text‹Note: not explicitly part of PLM.›
4333AOT_theorem id_trans:
4334  assumes τ = τ' and τ' = τ''
4335  shows τ = τ''
4336  using "rule=E" assms by blast
4337declare id_trans[trans]
4338
4339method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> =
4340  (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  4341   rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"
4342    [THEN "→E", of v "«[Π]»", symmetric]])
4343(*
4344AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
4345  apply ("ηC" "«[P]»") defer
4346   apply ("ηC" "«[S]»") defer
4347  oops
4348*)
4349(* TODO: proper representation of eta_conversion_lemma2 *)
4350
4351AOT_theorem "sub-des-lam:1":
4352  z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x} 
4353   z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4354proof(rule "→I")
4355  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
4356  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4357    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] =
4358                                   z1...zn χ{z1...zn, τ}]»",
4359               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
4360    by blast
4361qed
4362
4363AOT_theorem "sub-des-lam:2":
4364  ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
4365  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»",
4366                 OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
4367
4368AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
4369proof(rule "≡I"; rule "→I")
4370  AOT_assume F = G
4371  AOT_thus x (x[F]  x[G])
4372    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
4373next
4374  AOT_assume x (x[F]  x[G])
4375  AOT_hence x[F]  x[G] for x
4376    using "∀E" by blast
4377  AOT_hence (x[F]  x[G]) for x
4378    using "en-eq:6[1]"[THEN "≡E"(1)] by blast
4379  AOT_hence x (x[F]  x[G])
4380    by (rule GEN)
4381  AOT_hence x (x[F]  x[G])
4382    using BF[THEN "→E"] by fast
4383  AOT_thus "F = G"
4384    using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
4385qed
4386
4387AOT_theorem "relations:1":
4388  assumes INSTANCE_OF_CQT_2(φ)
4389  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
4390  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
4391  using "cqt:2[lambda]"[OF assms, axiom_inst]
4392        "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
4393
4394AOT_theorem "relations:2":
4395  assumes INSTANCE_OF_CQT_2(φ)
4396  shows F x ([F]x  φ{x})
4397  using "relations:1" assms by blast
4398
4399AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
4400proof(rule RAA(2))
4401  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
4402  AOT_assume A: x « x»]
4403  AOT_have x (A!x & F (x[F]  F = x « x»]))
4404    using "A-objects"[axiom_inst] by fast
4405  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
4406    using "∃E"[rotated] by blast
4407  AOT_show ¬x G (x[G] & ¬[G]x)]
4408  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4409    AOT_assume B: x « x»]a
4410    AOT_hence G (a[G] & ¬[G]a)
4411      using "β→C" A by blast
4412    then AOT_obtain P where a[P] & ¬[P]a
4413      using "∃E"[rotated] by blast
4414    moreover AOT_have P = x « x»]
4415      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4416            calculation[THEN "&E"(1)] by blast
4417    ultimately AOT_have ¬x « x»]a
4418      using "rule=E" "&E"(2) by fast
4419    AOT_thus ¬x G (x[G] & ¬[G]x)]
4420      using B RAA by blast
4421  next
4422    AOT_assume B: ¬x « x»]a
4423    AOT_hence ¬G (a[G] & ¬[G]a)
4424      using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
4425    AOT_hence C: G ¬(a[G] & ¬[G]a)
4426      using "cqt-further:4"[THEN "→E"] by blast
4427    AOT_have G (a[G]  [G]a)
4428      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4429         (auto simp: "oth-class-taut:1:a" C)
4430    AOT_hence ax « x»]  x « x»]a
4431      using "∀E" A by blast
4432    moreover AOT_have ax « x»]
4433      using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
4434      using "=I"(1)[OF A] by blast
4435    ultimately AOT_show ¬x G (x[G] & ¬[G]x)]
4436      using B "→E" RAA by blast
4437  qed
4438qed(simp)
4439
4440AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
4441proof(rule RAA(2))
4442  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
4443  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x))
4444    using "∃E"[rotated] by blast
4445  AOT_have x (A!x & G (x[G]  G = F))
4446    using "A-objects"[axiom_inst] by fast
4447  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
4448    using "∃E"[rotated] by blast
4449  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4450  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4451    AOT_assume B: [F]a
4452    AOT_hence G (a[G] & ¬[G]a)
4453      using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
4454    then AOT_obtain P where a[P] & ¬[P]a
4455      using "∃E"[rotated] by blast
4456    moreover AOT_have P = F
4457      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4458            calculation[THEN "&E"(1)] by blast
4459    ultimately AOT_have ¬[F]a
4460      using "rule=E" "&E"(2) by fast
4461    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x))
4462      using B RAA by blast
4463  next
4464    AOT_assume B: ¬[F]a
4465    AOT_hence ¬G (a[G] & ¬[G]a)
4466      using "oth-class-taut:4:b"[THEN "≡E"(1),
4467              OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)]
4468      by simp
4469    AOT_hence C: G ¬(a[G] & ¬[G]a)
4470      using "cqt-further:4"[THEN "→E"] by blast
4471    AOT_have G (a[G]  [G]a)
4472      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4473         (auto simp: "oth-class-taut:1:a" C)
4474    AOT_hence a[F]  [F]a
4475      using "∀E" by blast
4476    moreover AOT_have a[F]
4477      using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
4478      using "=I"(2) by blast
4479    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4480      using B "→E" RAA by blast
4481  qed
4482qed(simp)
4483
4484AOT_theorem "block-paradox:3": ¬y z z = y]
4485proof(rule RAA(2))
4486  AOT_assume θ: y z z = y]
4487  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
4488    using "A-objects"[axiom_inst] by force
4489  then AOT_obtain a where
4490    a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
4491    using "∃E"[rotated] by blast
4492  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
4493    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
4494  AOT_show ¬y z z = y]
4495  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4496    AOT_assume A: az z = a]
4497    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
4498      using ζ[THEN "≡E"(1)] by blast
4499    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
4500      using "∃E"[rotated] by blast
4501    moreover AOT_have a = a by (rule "=I")
4502    moreover AOT_have z z = a] using θ "∀E" by blast
4503    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
4504    ultimately AOT_have z z = a]a using "β←C" by blast
4505    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
4506    AOT_hence a = b using "β→C" by blast
4507    AOT_hence bz z = a] using A "rule=E" by fast
4508    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
4509  next
4510    AOT_assume A: ¬az z = a]
4511    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
4512      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4513    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
4514      using "cqt-further:4"[THEN "→E"] by blast
4515    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
4516      using "∀E" by blast
4517    AOT_hence z z = a] = z z = a]  az z = a]
4518      by (metis "&I" "deduction-theorem" "raa-cor:4")
4519    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
4520    AOT_thus ¬y z z = y] using A RAA by blast
4521  qed
4522qed(simp)
4523
4524AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
4525proof(rule RAA(2))
4526  AOT_assume θ: y F x([F]x  x = y)
4527  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
4528    using "A-objects"[axiom_inst] by force
4529  then AOT_obtain a where
4530    a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
4531    using "∃E"[rotated] by blast
4532  AOT_obtain F where F_prop: x ([F]x  x = a)
4533    using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
4534  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
4535    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
4536  AOT_show ¬y F x([F]x  x = y)
4537  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4538    AOT_assume A: a[F]
4539    AOT_hence z (y ([F]y  y = z) & ¬z[F])
4540      using ζ[THEN "≡E"(1)] by blast
4541    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
4542      using "∃E"[rotated] by blast
4543    moreover AOT_have [F]a
4544      using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
4545    ultimately AOT_have a = b
4546      using "∀E"(2) "≡E"(1) "&E" by fast
4547    AOT_hence a = b
4548      using "β→C" by blast
4549    AOT_hence b[F]
4550      using A "rule=E" by fast
4551    AOT_thus ¬y F x([F]x  x = y)
4552      using b_prop[THEN "&E"(2)] RAA by blast
4553  next
4554    AOT_assume A: ¬a[F]
4555    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
4556      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4557    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
4558      using "cqt-further:4"[THEN "→E"] by blast
4559    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
4560      using "∀E" by blast
4561    AOT_hence y ([F]y  y = a)  a[F]
4562      by (metis "&I" "deduction-theorem" "raa-cor:4")
4563    AOT_hence a[F] using F_prop "→E" by blast
4564    AOT_thus ¬y F x([F]x  x = y)
4565      using A RAA by blast
4566  qed
4567qed(simp)
4568
4569AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
4570proof(rule "raa-cor:2")
4571  AOT_assume Fxy([F]xy  y = x)
4572  then AOT_obtain F where F_prop: xy([F]xy  y = x)
4573    using "∃E"[rotated] by blast
4574  {
4575    fix x
4576    AOT_have 1: y([F]xy  y = x)
4577      using F_prop "∀E" by blast
4578    AOT_have 2: z [F]xz] by "cqt:2"
4579    moreover AOT_have y(z [F]xz]y  y = x)
4580    proof(rule "∀I")
4581      fix y
4582      AOT_have z [F]xz]y  [F]xy
4583        using "beta-C-meta"[THEN "→E"] 2 by fast
4584      also AOT_have ...  y = x
4585        using 1 "∀E" by fast
4586      finally AOT_show z [F]xz]y  y = x.
4587    qed
4588    ultimately AOT_have Fy([F]y  y = x)
4589      using "∃I" by fast
4590  }
4591  AOT_hence xFy([F]y  y = x)
4592    by (rule GEN)
4593  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
4594    using "&I" "block-paradox:4" by blast
4595qed
4596
4597AOT_act_theorem "block-paradox2:1":
4598  x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4599proof(rule "→I"; rule "raa-cor:2")
4600  AOT_assume antecedant: x [G]x
4601  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4602  proof(rule GEN)
4603    fix x
4604    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x)) 
4605                 ∃!y (y = x & H (x[H] & ¬[H]x))
4606    proof(rule "≡I"; rule "→I")
4607      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
4608      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4609        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
4610      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
4611        using "!-exists:1"[THEN "≡E"(1)] by blast
4612    next
4613      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4614      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x)
4615                     and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
4616        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4617      AOT_have a_3: [G]a
4618        using antecedant "∀E" by blast
4619      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
4620        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
4621        apply (rule "∃I"(2))
4622        using a_1 a_2 a_3 "&I" by blast
4623    qed
4624    also AOT_have B: ...  H (x[H] & ¬[H]x)
4625    proof (rule "≡I"; rule "→I")
4626      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4627      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
4628        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4629      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
4630    next
4631      AOT_assume H (x[H] & ¬[H]x)
4632      AOT_hence x = x & H (x[H] & ¬[H]x)
4633        using "id-eq:1" "&I" by blast
4634      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
4635        by (simp add: "Conjunction Simplification"(1) "universal-cor")
4636      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
4637        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
4638    qed
4639    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
4640  qed
4641
4642  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4643  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x 
4644                   [G]ιy(y = x & H (x[H] & ¬[H]x)))
4645    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
4646  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
4647    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
4648  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
4649    using "∃I"(1) A by fast
4650  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) &
4651            (¬F x ([F]x  H (x[H] & ¬[H]x)))
4652    using "block-paradox:2" "&I" by blast
4653qed
4654
4655AOT_act_theorem "block-paradox2:2":
4656  G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4657proof(rule "∃I"(1))
4658  AOT_have 0: x p (p p)]
4659    by "cqt:2[lambda]"
4660  moreover AOT_have x x p (p p)]x
4661    apply (rule GEN)
4662    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
4663    using "if-p-then-p" GEN by fast
4664  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
4665      using "block-paradox2:1" "∀I" by fast
4666  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
4667    using "∀E"(1) "→E" by blast
4668qed("cqt:2[lambda]")
4669
4670AOT_theorem propositions: p (p  φ)
4671proof(rule "∃I"(1))
4672  AOT_show (φ  φ)
4673    by (simp add: RN "oth-class-taut:3:a")
4674next
4675  AOT_show φ
4676    by (simp add: "log-prop-prop:2")
4677qed
4678
4679AOT_theorem "pos-not-equiv-ne:1":
4680  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4681proof (rule "→I")
4682  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4683  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4684    using "KBasic:11"[THEN "≡E"(2)] by blast
4685  AOT_hence ¬(F = G)
4686    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
4687  AOT_thus F  G
4688    using "=-infix"[THEN "≡dfI"] by blast
4689qed
4690
4691AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
4692proof (rule "→I")
4693  AOT_modally_strict {
4694    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
4695    proof (rule "→I"; rule "raa-cor:2")
4696      AOT_assume 1: F = G
4697      AOT_hence φ{F}  φ{G}
4698        using "l-identity"[axiom_inst, THEN "→E"] by blast
4699      moreover {
4700        AOT_have G = F
4701          using 1 id_sym by blast
4702        AOT_hence φ{G}  φ{F}
4703          using "l-identity"[axiom_inst, THEN "→E"] by blast
4704      }
4705      ultimately AOT_have φ{F}  φ{G}
4706        using "≡I" by blast
4707      moreover AOT_assume ¬(φ{F}  φ{G})
4708      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
4709        using "&I" by blast
4710    qed
4711  }
4712  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
4713    using "RM:2[prem]" by blast
4714  moreover AOT_assume ¬(φ{F}  φ{G})
4715  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
4716  AOT_have (F  G)
4717    by (AOT_subst F  G ¬(F = G))
4718       (auto simp: "=-infix" "≡Df" 0)
4719  AOT_thus F  G
4720    using "id-nec2:3"[THEN "→E"] by blast
4721qed
4722
4723AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
4724proof (rule "→I")
4725  AOT_modally_strict {
4726    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
4727    proof (rule "→I"; rule "raa-cor:2")
4728      AOT_assume 1: p = q
4729      AOT_hence φ{p}  φ{q}
4730        using "l-identity"[axiom_inst, THEN "→E"] by blast
4731      moreover {
4732        AOT_have q = p
4733          using 1 id_sym by blast
4734        AOT_hence φ{q}  φ{p}
4735          using "l-identity"[axiom_inst, THEN "→E"] by blast
4736      }
4737      ultimately AOT_have φ{p}  φ{q}
4738        using "≡I" by blast
4739      moreover AOT_assume ¬(φ{p}  φ{q})
4740      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
4741        using "&I" by blast
4742    qed
4743  }
4744  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
4745    using "RM:2[prem]" by blast
4746  moreover AOT_assume ¬(φ{p}  φ{q})
4747  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
4748  AOT_have (p  q)
4749    by (AOT_subst p  q ¬(p = q))
4750       (auto simp: 0 "=-infix" "≡Df")
4751  AOT_thus p  q
4752    using "id-nec2:3"[THEN "→E"] by blast
4753qed
4754
4755AOT_theorem "pos-not-equiv-ne:3":
4756  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4757  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
4758
4759AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
4760  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
4761
4762AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
4763  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"]
4764        "T◇"[THEN "→E"] by blast
4765
4766AOT_define relation_negation ::  Π" ("_-")
4767  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
4768
4769nonterminal φneg
4770syntax "" :: "φneg  τ" ("_")
4771syntax "" :: "φneg  φ" ("'(_')")
4772
4773AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
4774  "df-relation-negation[zero]": "(p)- =df  ¬p]"
4775
4776AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
4777  by "cqt:2[lambda]"
4778
4779AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
4780  using "cqt:2[lambda0]"[axiom_inst] by blast
4781
4782AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
4783  using "=I"(1)[OF "rel-neg-T:1"]
4784  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
4785
4786AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
4787  using "=I"(1)[OF "rel-neg-T:1[zero]"]
4788  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
4789
4790AOT_theorem "rel-neg-T:3": [Π]-
4791  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"]
4792        "rel-neg-T:1" by blast
4793
4794AOT_theorem "rel-neg-T:3[zero]": (φ)-
4795  using "log-prop-prop:2" by blast
4796
4797(* Note: PLM states the zero place case twice *)
4798AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4799proof -
4800  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4801    using "rule=E"[rotated, OF "rel-neg-T:2"]
4802          "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4803          "→I" "≡I" by fast
4804  also AOT_have ...  ¬[F]x1...xn
4805    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4806  finally show ?thesis.
4807qed
4808
4809AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4810  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4811   apply (simp add: "oth-class-taut:3:b")
4812  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4813  using "thm-relation-negation:1".
4814
4815AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4816proof -
4817  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4818  AOT_hence ((p)-)   ¬p]
4819    using "df-relation-negation[zero]" "log-prop-prop:2"
4820          "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4821  also AOT_have  ¬p]  ¬p
4822    by (simp add: "propositions-lemma:2")
4823  finally show ?thesis.
4824qed
4825
4826AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4827  using "thm-relation-negation:3"[THEN "≡E"(1)]
4828        "thm-relation-negation:3"[THEN "≡E"(2)]
4829        "≡I" "→I" RAA by metis
4830
4831AOT_theorem "thm-relation-negation:5": [F]  [F]-
4832proof -
4833  AOT_have ¬([F] = [F]-)
4834  proof (rule RAA(2))
4835    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4836      using "if-p-then-p".
4837  next
4838    AOT_assume [F] = [F]-
4839    AOT_hence [F]- = [F] using id_sym by blast
4840    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4841      using "rule=E" "thm-relation-negation:1" by fast
4842    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4843      using "≡E" RAA by metis
4844  qed
4845  thus ?thesis
4846    using "≡dfI" "=-infix" by blast
4847qed
4848
4849AOT_theorem "thm-relation-negation:6": p  (p)-
4850proof -
4851  AOT_have ¬(p = (p)-)
4852  proof (rule RAA(2))
4853    AOT_show p  p
4854      using "if-p-then-p".
4855  next
4856    AOT_assume p = (p)-
4857    AOT_hence (p)- = p using id_sym by blast
4858    AOT_hence p  ¬p
4859      using "rule=E" "thm-relation-negation:3" by fast
4860    AOT_thus ¬(p  p)
4861      using "≡E" RAA by metis
4862  qed
4863  thus ?thesis
4864    using "≡dfI" "=-infix" by blast
4865qed
4866
4867AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4868  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4869  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]"
4870        "propositions-lemma:1" id_trans by blast+
4871
4872AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4873proof(rule "→I")
4874  AOT_assume p = q
4875  moreover AOT_have (¬p) using "log-prop-prop:2".
4876  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4877  ultimately AOT_show (¬p) = (¬q)
4878    using "rule=E" by fast
4879qed
4880
4881AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4882proof(rule "→I")
4883  AOT_assume p = q
4884  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4885  AOT_thus (p)- = (q)-
4886    using "thm-relation-negation:7" id_sym id_trans by metis
4887qed
4888
4889AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4890  "contingent-properties:1":
4891  Necessary([F]) df x1...∀xn [F]x1...xn
4892
4893AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4894  "contingent-properties:1[zero]":
4895  Necessary0(p) df p
4896
4897AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4898  "contingent-properties:2":
4899  Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4900
4901AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4902  "contingent-properties:2[zero]":
4903  Impossible0(p) df ¬p
4904
4905AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4906  "contingent-properties:3":
4907  NonContingent([F]) df Necessary([F])  Impossible([F])
4908
4909AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4910  "contingent-properties:3[zero]":
4911  NonContingent0(p) df Necessary0(p)  Impossible0(p)
4912
4913AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4914  "contingent-properties:4":
4915  Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4916
4917AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4918  "contingent-properties:4[zero]":
4919  Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4920
4921
4922AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4923proof (rule "≡I"; rule "→I")
4924  AOT_assume NonContingent([F])
4925  AOT_hence Necessary([F])  Impossible([F])
4926    using "≡dfE"[OF "contingent-properties:3"] by blast
4927  moreover {
4928    AOT_assume Necessary([F])
4929    AOT_hence (x1...∀xn [F]x1...xn)
4930      using "≡dfE"[OF "contingent-properties:1"] by blast
4931    moreover AOT_modally_strict {
4932      AOT_assume x1...∀xn [F]x1...xn
4933      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4934      AOT_hence ¬[F]-x1...xn for x1xn
4935        by (meson "≡E"(6) "oth-class-taut:3:a"
4936                  "thm-relation-negation:2" "≡E"(1))
4937      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4938    }
4939    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4940      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4941    AOT_hence Impossible([F]-)
4942      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4943                  OF "rel-neg-T:3", THEN "≡E"(2)]
4944      by blast
4945  }
4946  moreover {
4947    AOT_assume Impossible([F])
4948    AOT_hence (x1...∀xn ¬[F]x1...xn)
4949      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4950                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4951      by blast
4952    moreover AOT_modally_strict {
4953      AOT_assume x1...∀xn ¬[F]x1...xn
4954      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4955      AOT_hence [F]-x1...xn for x1xn
4956        by (meson "≡E"(6) "oth-class-taut:3:a"
4957                  "thm-relation-negation:1" "≡E"(1))
4958      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4959    }
4960    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4961      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4962    AOT_hence Necessary([F]-)
4963      using "≡dfI"[OF "contingent-properties:1"] by blast
4964  }
4965  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4966    using "∨E"(1) "∨I" "→I" by metis
4967  AOT_thus NonContingent([F]-)
4968    using "≡dfI"[OF "contingent-properties:3"] by blast
4969next
4970  AOT_assume NonContingent([F]-)
4971  AOT_hence Necessary([F]-)  Impossible([F]-)
4972    using "≡dfE"[OF "contingent-properties:3"] by blast
4973  moreover {
4974    AOT_assume Necessary([F]-)
4975    AOT_hence (x1...∀xn [F]-x1...xn)
4976      using "≡dfE"[OF "contingent-properties:1"] by blast
4977    moreover AOT_modally_strict {
4978      AOT_assume x1...∀xn [F]-x1...xn
4979      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4980      AOT_hence ¬[F]x1...xn for x1xn
4981        by (meson "≡E"(6) "oth-class-taut:3:a"
4982                  "thm-relation-negation:1" "≡E"(2))
4983      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4984    }
4985    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4986      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4987    AOT_hence Impossible([F])
4988      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4989                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4990      by blast
4991  }
4992  moreover {
4993    AOT_assume Impossible([F]-)
4994    AOT_hence (x1...∀xn ¬[F]-x1...xn)
4995      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4996                  OF "rel-neg-T:3", THEN "≡E"(1)]
4997      by blast
4998    moreover AOT_modally_strict {
4999      AOT_assume x1...∀xn ¬[F]-x1...xn
5000      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
5001      AOT_hence [F]x1...xn for x1xn 
5002        using "thm-relation-negation:1"[THEN
5003                "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
5004              "useful-tautologies:1"[THEN "→E"] by blast
5005      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
5006    }
5007    ultimately AOT_have (x1...∀xn [F]x1...xn)
5008      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
5009    AOT_hence Necessary([F])
5010      using "≡dfI"[OF "contingent-properties:1"] by blast
5011  }
5012  ultimately AOT_have Necessary([F])  Impossible([F])
5013    using "∨E"(1) "∨I" "→I" by metis
5014  AOT_thus NonContingent([F])
5015    using "≡dfI"[OF "contingent-properties:3"] by blast
5016qed
5017
5018AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
5019proof -
5020  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
5021    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5022                                    OF "cqt:2[const_var]"[axiom_inst]]
5023    by blast
5024  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
5025    using "oth-class-taut:5:d" by fastforce
5026  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
5027    by (simp add: "Commutativity of &")
5028  also AOT_have ...  x [F]x & ¬Necessary([F])
5029  proof (rule "oth-class-taut:4:e"[THEN "→E"])
5030    AOT_have ¬Impossible([F])  ¬¬ x [F]x
5031      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5032      apply (AOT_subst x [F]x ¬ x ¬[F]x)
5033       apply (simp add: "conventions:4" "≡Df")
5034      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
5035       apply (simp add: "oth-class-taut:3:b")
5036      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1),
5037                                      OF "cqt:2[const_var]"[axiom_inst]]
5038      by blast
5039    also AOT_have ...  x [F]x
5040      using "conventions:5"[THEN "≡Df", symmetric] by blast
5041    finally AOT_show ¬Impossible([F])  x [F]x .
5042  qed
5043  also AOT_have ...  x [F]x & x ¬[F]x
5044  proof (rule "oth-class-taut:4:f"[THEN "→E"])
5045    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
5046      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5047      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
5048       apply (simp add: "conventions:4" "≡Df")
5049      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
5050       apply (simp add: "oth-class-taut:3:b")
5051      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
5052      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
5053    also AOT_have ...  x ¬[F]x
5054      using "conventions:5"[THEN "≡Df", symmetric] by blast
5055    finally AOT_show ¬Necessary([F])  x ¬[F]x.
5056  qed
5057  finally show ?thesis.
5058qed
5059
5060AOT_theorem "thm-cont-prop:3":
5061  Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
5062proof -
5063  {
5064    fix Π :: <κ>
5065    AOT_assume Π
5066    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5067      using "thm-cont-prop:2" GEN by fast
5068    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
5069      using "thm-cont-prop:2" "∀E" by fast
5070  } note 1 = this
5071  AOT_have Contingent([F])  x [F]x & x ¬[F]x
5072    using "thm-cont-prop:2" by blast
5073  also AOT_have ...  x ¬[F]x & x [F]x
5074    by (simp add: "Commutativity of &")
5075  also AOT_have ...  x [F]-x & x [F]x
5076    by (AOT_subst [F]-x ¬[F]x for: x)
5077       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
5078  also AOT_have ...  x [F]-x & x ¬[F]-x
5079    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
5080       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
5081  also AOT_have ...  Contingent([F]-)
5082    using 1[OF "rel-neg-T:3", symmetric] by blast
5083  finally show ?thesis.
5084qed
5085
5086AOT_define concrete_if_concrete :: ‹Π› ("L")
5087  L_def: L =df x E!x  E!x]
5088
5089AOT_theorem "thm-noncont-e-e:1": Necessary(L)
5090proof -
5091  AOT_modally_strict {
5092    fix x
5093    AOT_have x E!x  E!x] by "cqt:2[lambda]"
5094    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5095    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5096    ultimately AOT_have x E!x  E!x]x
5097      using "β←C" by blast
5098  }
5099  AOT_hence 0: x x E!x  E!x]x
5100    using RN GEN by blast
5101  show ?thesis
5102    apply (rule "=dfI"(2)[OF L_def])
5103     apply "cqt:2[lambda]"
5104    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
5105qed
5106
5107AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
5108proof -
5109  AOT_modally_strict {
5110    fix x
5111
5112    AOT_have 0: F (¬[F]-x  [F]x)
5113      using "thm-relation-negation:2" GEN by fast
5114    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
5115      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
5116    moreover {
5117      AOT_have x E!x  E!x] by "cqt:2[lambda]"
5118      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5119      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5120      ultimately AOT_have x E!x  E!x]x
5121        using "β←C" by blast
5122    }
5123    ultimately AOT_have ¬x E!x  E!x]-x
5124      using "≡E" by blast
5125  }
5126  AOT_hence 0: x ¬x E!x  E!x]-x
5127    using RN GEN by fast
5128  show ?thesis
5129    apply (rule "=dfI"(2)[OF L_def])
5130     apply "cqt:2[lambda]"
5131    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
5132     using "rel-neg-T:3"
5133     apply blast
5134    using 0
5135    by blast
5136qed
5137
5138AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
5139  using "thm-noncont-e-e:1"
5140  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
5141
5142AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
5143proof -
5144  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
5145    using "thm-cont-prop:1" "∀I" by fast
5146  moreover AOT_have 1: L
5147    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5148  AOT_show NonContingent([L]-)
5149    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
5150qed
5151
5152AOT_theorem "thm-noncont-e-e:5":
5153  F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
5154proof (rule "∃I")+
5155  {
5156    AOT_have F [F]  [F]-
5157      using "thm-relation-negation:5" GEN by fast
5158    moreover AOT_have L
5159      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5160    ultimately AOT_have L  [L]-
5161      using "∀E" by blast
5162  }
5163  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
5164    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
5165next
5166  AOT_show [L]-
5167    using "rel-neg-T:3" by blast
5168next
5169  AOT_show L
5170      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5171qed
5172
5173AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5174proof -
5175  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
5176    using "BF◇" "CBF◇" "≡I" by blast
5177  also AOT_have   x ([F]x &  ¬[F]x)
5178    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
5179       (auto simp: "S5Basic:11" "cqt-further:7")
5180  also AOT_have   x (¬[F]x & [F]x)
5181    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
5182       (auto simp: "Commutativity of &" "cqt-further:7")
5183  also AOT_have   x (¬[F]x & [F]x)
5184    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
5185       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
5186  also AOT_have   x (¬[F]x & [F]x)
5187    using "BF◇" "CBF◇" "≡I" by fast
5188  finally show ?thesis.
5189qed
5190
5191AOT_theorem "lem-cont-e:2":
5192  x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
5193proof -
5194  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5195    using "lem-cont-e:1".
5196  also AOT_have   x ([F]-x & ¬[F]-x)
5197    apply (AOT_subst ¬[F]-x [F]x for: x)
5198     apply (simp add: "thm-relation-negation:2")
5199    apply (AOT_subst [F]-x ¬[F]x for: x)
5200     apply (simp add: "thm-relation-negation:1")
5201    by (simp add: "oth-class-taut:3:a")
5202  finally show ?thesis.
5203qed
5204
5205AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
5206proof (rule "CBF◇"[THEN "→E"])
5207  AOT_have x (E!x & ¬𝒜E!x)
5208    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
5209  then AOT_obtain a where (E!a & ¬𝒜E!a)
5210    using "∃E"[rotated] by blast
5211  AOT_hence θ: E!a & ¬𝒜E!a
5212    using "KBasic2:3"[THEN "→E"] by blast
5213  AOT_have ξ: E!a & 𝒜¬E!a
5214    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
5215       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
5216  AOT_have ζ: E!a & 𝒜¬E!a
5217    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
5218       (auto simp add: "Act-Sub:4" ξ)
5219  AOT_hence E!a & ¬E!a
5220    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
5221  AOT_hence (E!a & ¬E!a)
5222    using "S5Basic:11"[THEN "≡E"(2)] by simp
5223  AOT_thus x (E!x & ¬E!x)
5224    using "∃I"(2) by fast
5225qed
5226
5227AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
5228proof -
5229  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
5230    using "lem-cont-e:1" GEN by fast
5231  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
5232    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5233  thus ?thesis using "thm-cont-e:1" "≡E" by blast
5234qed
5235
5236AOT_theorem "thm-cont-e:3": x E!x
5237proof (rule "CBF◇"[THEN "→E"])
5238  AOT_obtain a where (E!a & ¬E!a)
5239    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5240  AOT_hence E!a
5241    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
5242  AOT_thus x E!x using "∃I" by fast
5243qed
5244
5245AOT_theorem "thm-cont-e:4": x ¬E!x
5246proof (rule "CBF◇"[THEN "→E"])
5247  AOT_obtain a where (E!a & ¬E!a)
5248    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5249  AOT_hence ¬E!a
5250    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
5251  AOT_hence ¬E!a
5252    using "4◇"[THEN "→E"] by blast
5253  AOT_thus x ¬E!x using "∃I" by fast
5254qed
5255
5256AOT_theorem "thm-cont-e:5": Contingent([E!])
5257proof -
5258  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5259    using "thm-cont-prop:2" GEN by fast
5260  AOT_hence Contingent([E!])  x E!x & x ¬E!x
5261    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5262  thus ?thesis
5263    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
5264qed
5265
5266AOT_theorem "thm-cont-e:6": Contingent([E!]-)
5267proof -
5268  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
5269    using "thm-cont-prop:3" GEN by fast
5270  AOT_hence Contingent([E!])  Contingent([E!]-)
5271    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5272  thus ?thesis using "thm-cont-e:5" "≡E" by blast
5273qed
5274
5275AOT_theorem "thm-cont-e:7":
5276  FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
5277proof (rule "∃I")+
5278  AOT_have F [«F::<κ>»]  [F]-
5279    using "thm-relation-negation:5" GEN by fast
5280  AOT_hence [E!]  [E!]-
5281    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5282  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
5283    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
5284next
5285  AOT_show E!-
5286    by (fact AOT)
5287next
5288  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
5289qed
5290
5291AOT_theorem "property-facts:1":
5292  NonContingent([F])  ¬G (Contingent([G]) & G = F)
5293proof (rule "→I"; rule "raa-cor:2")
5294  AOT_assume NonContingent([F])
5295  AOT_hence 1: Necessary([F])  Impossible([F])
5296    using "contingent-properties:3"[THEN "≡dfE"] by blast
5297  AOT_assume G (Contingent([G]) & G = F)
5298  then AOT_obtain G where Contingent([G]) & G = F
5299    using "∃E"[rotated] by blast
5300  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
5301  AOT_hence ¬(Necessary([F])  Impossible([F]))
5302    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5303            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5304  AOT_thus (Necessary([F])  Impossible([F])) &
5305            ¬(Necessary([F])  Impossible([F]))
5306    using 1 "&I" by blast
5307qed
5308
5309AOT_theorem "property-facts:2":
5310  Contingent([F])  ¬G (NonContingent([G]) & G = F)
5311proof (rule "→I"; rule "raa-cor:2")
5312  AOT_assume Contingent([F])
5313  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
5314    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5315            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5316  AOT_assume G (NonContingent([G]) & G = F)
5317  then AOT_obtain G where NonContingent([G]) & G = F
5318    using "∃E"[rotated] by blast
5319  AOT_hence NonContingent([F])
5320    using "rule=E" "&E" by blast
5321  AOT_hence Necessary([F])  Impossible([F])
5322    using "contingent-properties:3"[THEN "≡dfE"] by blast
5323  AOT_thus (Necessary([F])  Impossible([F])) &
5324            ¬(Necessary([F])  Impossible([F]))
5325    using 1 "&I" by blast
5326qed
5327
5328AOT_theorem "property-facts:3":
5329  L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
5330proof -
5331  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
5332    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5333    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
5334  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
5335    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
5336  AOT_have not_noncontingent_if_contingent:
5337    ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
5338  proof(rule RAA(2))
5339    AOT_show ¬(Necessary([Π])  Impossible([Π]))
5340      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5341                    OF contingent_denotes[OF that], THEN "≡E"(1)]
5342      by blast
5343  next
5344    AOT_assume NonContingent([Π])
5345    AOT_thus Necessary([Π])  Impossible([Π])
5346      using "contingent-properties:3"[THEN "≡dfE"] by blast
5347  qed
5348
5349  show ?thesis
5350  proof (safe intro!: "&I")
5351    AOT_show L  [L]-
5352      apply (rule "=dfI"(2)[OF L_def])
5353       apply "cqt:2[lambda]"
5354      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5355       apply (rule GEN) apply (fact AOT)
5356      by "cqt:2[lambda]"
5357  next
5358    AOT_show L  E!
5359      apply (rule noneqI)
5360      using "thm-noncont-e-e:3"
5361            not_noncontingent_if_contingent[OF "thm-cont-e:5"]
5362      by auto
5363  next
5364    AOT_show L  E!-
5365      apply (rule noneqI)
5366      using "thm-noncont-e-e:3" apply fast
5367      apply (rule not_noncontingent_if_contingent)
5368      apply (rule "∀E"(1)[
5369            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5370            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5371      using "thm-cont-prop:3" GEN apply fast
5372      using "thm-cont-e:5" by fast+
5373  next
5374    AOT_show [L]-  E!-
5375      apply (rule noneqI)
5376      using "thm-noncont-e-e:4" apply fast
5377      apply (rule not_noncontingent_if_contingent)
5378      apply (rule "∀E"(1)[
5379            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5380            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5381      using "thm-cont-prop:3" GEN apply fast
5382      using "thm-cont-e:5" by fast+
5383  next
5384    AOT_show E!  E!-
5385      apply (rule "=dfI"(2)[OF L_def])
5386       apply "cqt:2[lambda]"
5387      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5388       apply (rule GEN) apply (fact AOT)
5389      by (fact "cqt:2[concrete]"[axiom_inst])
5390  qed
5391qed
5392
5393AOT_theorem "thm-cont-propos:1":
5394  NonContingent0(p)  NonContingent0(((p)-))
5395proof(rule "≡I"; rule "→I")
5396  AOT_assume NonContingent0(p)
5397  AOT_hence Necessary0(p)  Impossible0(p)
5398    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5399  moreover {
5400    AOT_assume Necessary0(p)
5401    AOT_hence 1: p
5402      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5403    AOT_have ¬((p)-)
5404      by (AOT_subst ¬((p)-) p)
5405         (auto simp add: 1 "thm-relation-negation:4")
5406    AOT_hence Impossible0(((p)-))
5407      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5408  }
5409  moreover {
5410    AOT_assume Impossible0(p)
5411    AOT_hence 1: ¬p
5412      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5413    AOT_have ((p)-)
5414      by (AOT_subst ((p)-) ¬p) 
5415         (auto simp: 1 "thm-relation-negation:3")
5416    AOT_hence Necessary0(((p)-))
5417      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5418  }
5419  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
5420    using "∨E"(1) "∨I" "→I" by metis
5421  AOT_thus NonContingent0(((p)-))
5422    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5423next
5424  AOT_assume NonContingent0(((p)-))
5425  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
5426    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5427  moreover {
5428    AOT_assume Impossible0(((p)-))
5429    AOT_hence 1: ¬((p)-)
5430      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5431    AOT_have p
5432      by (AOT_subst (reverse) p ¬((p)-))
5433         (auto simp: 1 "thm-relation-negation:4")
5434    AOT_hence Necessary0(p)
5435      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
5436  }
5437  moreover {
5438    AOT_assume Necessary0(((p)-))
5439    AOT_hence 1: ((p)-)
5440      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
5441    AOT_have ¬p
5442      by (AOT_subst (reverse) ¬p ((p)-))
5443         (auto simp: 1 "thm-relation-negation:3")
5444    AOT_hence Impossible0(p)
5445      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5446  }
5447  ultimately AOT_have Necessary0(p)  Impossible0(p)
5448    using "∨E"(1) "∨I" "→I" by metis
5449  AOT_thus NonContingent0(p)
5450    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5451qed
5452
5453AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
5454proof -
5455  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
5456    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
5457  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
5458    by (fact AOT)
5459  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
5460    by (fact AOT)
5461  also AOT_have   φ & ¬φ
5462    apply (AOT_subst φ ¬¬φ)
5463     apply (simp add: "conventions:5" "≡Df")
5464    apply (AOT_subst Impossible0(φ) ¬φ)
5465     apply (simp add: "contingent-properties:2[zero]" "≡Df")
5466    apply (AOT_subst (reverse) ¬φ ¬φ)
5467     apply (simp add: "KBasic:11")
5468    apply (AOT_subst Necessary0(φ) φ)
5469     apply (simp add: "contingent-properties:1[zero]" "≡Df")
5470    by (simp add: "oth-class-taut:3:a")
5471  finally show ?thesis.
5472qed
5473
5474AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
5475proof -
5476  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
5477  also AOT_have   ¬p & p by (fact AOT)
5478  also AOT_have   ((p)-) & p
5479    by (AOT_subst ((p)-) ¬p)
5480       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
5481  also AOT_have   ((p)-) & ¬((p)-)
5482    by (AOT_subst ¬((p)-) p)
5483       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
5484  also AOT_have   Contingent0(((p)-))
5485    using "thm-cont-propos:2"[symmetric] by blast
5486  finally show ?thesis.
5487qed
5488
5489AOT_define noncontingent_prop :: ‹φ› ("p0")
5490  p0_def: "(p0) =df (x (E!x  E!x))"
5491
5492AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
5493proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5494  AOT_show (p0)
5495    apply (rule "=dfI"(2)[OF p0_def])
5496    using "log-prop-prop:2" apply simp
5497    using "if-p-then-p" RN GEN by fast
5498qed
5499
5500AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
5501proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5502  AOT_show ¬((p0)-)
5503    apply (AOT_subst ((p0)-) ¬p0)
5504    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"]
5505     apply fast
5506    apply (AOT_subst (reverse) ¬¬p0 p0)
5507     apply (simp add: "oth-class-taut:3:b")
5508    apply (rule "=dfI"(2)[OF p0_def])
5509    using "log-prop-prop:2" apply simp
5510    using "if-p-then-p" RN GEN by fast
5511qed
5512
5513AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
5514  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5515  using "thm-noncont-propos:1" "∨I" by blast
5516
5517AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
5518  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5519  using "thm-noncont-propos:2" "∨I" by blast
5520
5521AOT_theorem "thm-noncont-propos:5":
5522  pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
5523proof(rule "∃I")+
5524  AOT_have 0: φ  (φ)- for φ
5525    using "thm-relation-negation:6" "∀I"
5526          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5527  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
5528    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
5529qed(auto simp: "log-prop-prop:2")
5530
5531AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
5532proof(rule "raa-cor:2")
5533  AOT_assume x(E!x & ¬𝒜E!x)
5534  then AOT_obtain a where a: E!a & ¬𝒜E!a
5535    using "∃E"[rotated] by blast
5536  AOT_hence 𝒜¬E!a
5537    using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5538  AOT_hence ¬E!a
5539    using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
5540  AOT_hence E!a & ¬E!a
5541    using a "&E" "&I" by blast
5542  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5543qed
5544
5545AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
5546proof(rule "raa-cor:2")
5547  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
5548  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
5549    using "Act-Basic:10"[THEN "≡E"(1)] by blast
5550  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a)
5551    using "∃E"[rotated] by blast
5552  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a
5553    using "Act-Basic:2"[THEN "≡E"(1)] by blast
5554  AOT_hence ¬𝒜𝒜E!a
5555    using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
5556  AOT_hence ¬𝒜E!a
5557    using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
5558  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
5559qed
5560
5561AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
5562proof (rule RAA(1))
5563  AOT_show ¬𝒜x (E!x & ¬𝒜E!x)
5564    using "pos-not-pna:1" by blast
5565next
5566  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
5567  AOT_hence x (E!x & ¬𝒜E!x)
5568    using "KBasic:12"[THEN "≡E"(2)] by blast
5569  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
5570    using "nec-imp-act"[THEN "→E"] by blast
5571qed
5572
5573AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
5574proof -
5575  AOT_obtain a where (E!a & ¬𝒜E!a)
5576    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
5577  AOT_hence θ: E!a and ξ: ¬𝒜E!a
5578    using "KBasic2:3"[THEN "→E"] "&E" by blast+
5579  AOT_have ¬𝒜E!a
5580    using ξ "KBasic:11"[THEN "≡E"(2)] by blast
5581  AOT_hence ¬𝒜E!a
5582    using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5583                        THEN "≡E"(2)] by blast
5584  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
5585  thus ?thesis using "∃I" by fast
5586qed
5587
5588AOT_define contingent_prop :: φ ("q0")
5589  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
5590
5591AOT_theorem q0_prop: q0 & ¬q0
5592  apply (rule "=dfI"(2)[OF q0_def])
5593  apply (fact "log-prop-prop:2")
5594  apply (rule "&I")
5595   apply (fact "qml:4"[axiom_inst])
5596  by (fact "pos-not-pna:2")
5597
5598AOT_theorem "basic-prop:1": Contingent0((q0))
5599proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5600  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
5601  proof (rule "&I";
5602         rule "=dfI"(2)[OF q0_def];
5603         (rule "log-prop-prop:2" | rule "raa-cor:2"))
5604    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
5605    AOT_hence x (E!x & ¬𝒜E!x)
5606      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5607    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
5608      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
5609    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
5610      using "pos-not-pna:1" "&I" by blast
5611  next
5612    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
5613    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5614      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5615    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5616      using "KBasic2:1"[THEN "≡E"(1)] by blast
5617    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
5618      using "qml:4"[axiom_inst] "&I" by blast
5619  qed
5620  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
5621    using "oth-class-taut:5:d" "≡E"(2) by blast
5622qed
5623
5624AOT_theorem "basic-prop:2": p Contingent0((p))
5625  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
5626
5627AOT_theorem "basic-prop:3": Contingent0(((q0)-))
5628  apply (AOT_subst ((q0)-) ¬q0)
5629   apply (insert "thm-relation-negation:3" "∀I"
5630                "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
5631  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5632  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
5633  apply (rule "&I")
5634   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]",
5635                  THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5636   apply (rule "conventions:5"[THEN "≡dfE"])
5637   apply (rule "=dfE"(2)[OF q0_def])
5638    apply (rule "log-prop-prop:2")
5639   apply (rule q0_prop[THEN "&E"(1)])
5640  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]",
5641                THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5642  apply (rule "conventions:5"[THEN "≡dfE"])
5643  by (rule q0_prop[THEN "&E"(2)])
5644
5645AOT_theorem "basic-prop:4":
5646  pq (p  q & Contingent0(p) & Contingent0(q))
5647proof(rule "∃I")+
5648  AOT_have 0: φ  (φ)- for φ
5649    using "thm-relation-negation:6" "∀I"
5650          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5651  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
5652    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
5653qed(auto simp: "log-prop-prop:2")
5654
5655AOT_theorem "proposition-facts:1":
5656  NonContingent0(p)  ¬q (Contingent0(q) & q = p)
5657proof(rule "→I"; rule "raa-cor:2")
5658  AOT_assume NonContingent0(p)
5659  AOT_hence 1: Necessary0(p)  Impossible0(p)
5660    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5661  AOT_assume q (Contingent0(q) & q = p)
5662  then AOT_obtain q where Contingent0(q) & q = p
5663    using "∃E"[rotated] by blast
5664  AOT_hence Contingent0(p)
5665    using "rule=E" "&E" by fast
5666  AOT_thus (Necessary0(p)  Impossible0(p)) &
5667            ¬(Necessary0(p)  Impossible0(p))
5668    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
5669qed
5670
5671AOT_theorem "proposition-facts:2":
5672  Contingent0(p)  ¬q (NonContingent0(q) & q = p)
5673proof(rule "→I"; rule "raa-cor:2")
5674  AOT_assume Contingent0(p)
5675  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
5676    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5677  AOT_assume q (NonContingent0(q) & q = p)
5678  then AOT_obtain q where NonContingent0(q) & q = p
5679    using "∃E"[rotated] by blast
5680  AOT_hence NonContingent0(p)
5681    using "rule=E" "&E" by fast
5682  AOT_thus (Necessary0(p)  Impossible0(p)) &
5683            ¬(Necessary0(p)  Impossible0(p))
5684    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
5685qed
5686
5687AOT_theorem "proposition-facts:3":
5688  (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
5689proof -
5690  {
5691    fix χ φ ψ
5692    AOT_assume χ{φ}
5693    moreover AOT_assume ¬χ{ψ}
5694    ultimately AOT_have ¬(χ{φ}  χ{ψ})
5695      using RAA "≡E" by metis
5696    moreover {
5697      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
5698        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
5699      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
5700        using "∀E" "log-prop-prop:2" by blast
5701    }
5702    ultimately AOT_have φ  ψ
5703      using "→E" by blast
5704  } note 0 = this
5705  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
5706    using "thm-cont-propos:3" "∀I"
5707          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5708  AOT_have not_noncontingent_if_contingent:
5709    ¬NonContingent0(φ) if Contingent0(φ) for φ
5710    apply (rule "contingent-properties:3[zero]"[THEN "≡Df",
5711                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5712    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5713  show ?thesis
5714    apply (rule "&I")+
5715    using "thm-relation-negation:6" "∀I"
5716          "∀E"(1)[rotated, OF "log-prop-prop:2"]
5717        apply fast
5718       apply (rule 0)
5719    using "thm-noncont-propos:3" apply fast
5720       apply (rule not_noncontingent_if_contingent)
5721       apply (fact AOT)
5722      apply (rule 0)
5723    apply (rule "thm-noncont-propos:3")
5724      apply (rule not_noncontingent_if_contingent)
5725      apply (rule contingent_neg[THEN "≡E"(1)])
5726      apply (fact AOT)
5727     apply (rule 0)
5728    apply (rule "thm-noncont-propos:4")
5729      apply (rule not_noncontingent_if_contingent)
5730      apply (rule contingent_neg[THEN "≡E"(1)])
5731     apply (fact AOT)
5732    using "thm-relation-negation:6" "∀I"
5733          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5734qed
5735
5736AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
5737  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
5738
5739AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
5740  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
5741
5742AOT_theorem "cont-true-cont:1":
5743  ContingentlyTrue((p))  Contingent0((p))
5744proof(rule "→I")
5745  AOT_assume ContingentlyTrue((p))
5746  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
5747  AOT_have ¬Necessary0((p))
5748    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5749                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5750    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
5751  moreover AOT_have ¬Impossible0((p))
5752    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5753                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5754    apply (rule "conventions:5"[THEN "≡dfE"])
5755    using "T◇"[THEN "→E", OF 1].
5756  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5757    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5758  AOT_thus Contingent0((p))
5759    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5760qed
5761
5762AOT_theorem "cont-true-cont:2":
5763  ContingentlyFalse((p))  Contingent0((p))
5764proof(rule "→I")
5765  AOT_assume ContingentlyFalse((p))
5766  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
5767  AOT_have ¬Necessary0((p))
5768    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5769                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5770    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
5771  moreover AOT_have ¬Impossible0((p))
5772    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5773                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5774    apply (rule "conventions:5"[THEN "≡dfE"])
5775    using 2.
5776  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5777    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5778  AOT_thus Contingent0((p))
5779    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5780qed
5781
5782AOT_theorem "cont-true-cont:3":
5783  ContingentlyTrue((p))  ContingentlyFalse(((p)-))
5784proof(rule "≡I"; rule "→I")
5785  AOT_assume ContingentlyTrue((p))
5786  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5787  AOT_have 1: ContingentlyFalse(¬p)
5788    apply (rule "cont-tf:2"[THEN "≡dfI"])
5789    apply (AOT_subst (reverse) ¬¬p p)
5790    by (auto simp: "oth-class-taut:3:b" 0)
5791  AOT_show ContingentlyFalse(((p)-))
5792    apply (AOT_subst ((p)-) ¬p)
5793    by (auto simp: "thm-relation-negation:3" 1)
5794next
5795  AOT_assume 1: ContingentlyFalse(((p)-))
5796  AOT_have ContingentlyFalse(¬p)
5797    by (AOT_subst (reverse) ¬p ((p)-))
5798       (auto simp: "thm-relation-negation:3" 1)
5799  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
5800  AOT_hence p & ¬p
5801    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
5802  AOT_thus ContingentlyTrue((p))
5803    using "cont-tf:1"[THEN "≡dfI"] by blast
5804qed
5805
5806AOT_theorem "cont-true-cont:4":
5807  ContingentlyFalse((p))  ContingentlyTrue(((p)-))
5808proof(rule "≡I"; rule "→I")
5809  AOT_assume ContingentlyFalse(p)
5810  AOT_hence 0: ¬p & p
5811    using "cont-tf:2"[THEN "≡dfE"] by blast
5812  AOT_have ¬p & ¬¬p
5813    by (AOT_subst (reverse) ¬¬p p)
5814       (auto simp: "oth-class-taut:3:b" 0)
5815  AOT_hence 1: ContingentlyTrue(¬p)
5816    by (rule "cont-tf:1"[THEN "≡dfI"])
5817  AOT_show ContingentlyTrue(((p)-))
5818    by (AOT_subst ((p)-) ¬p)
5819       (auto simp: "thm-relation-negation:3" 1)
5820next
5821  AOT_assume 1: ContingentlyTrue(((p)-))
5822  AOT_have ContingentlyTrue(¬p)
5823    by (AOT_subst (reverse) ¬p ((p)-))
5824       (auto simp add: "thm-relation-negation:3" 1)
5825  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5826  AOT_have p
5827    by (AOT_subst p ¬¬p)
5828       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
5829  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
5830  AOT_thus ContingentlyFalse(p)
5831    by (rule "cont-tf:2"[THEN "≡dfI"])
5832qed
5833
5834AOT_theorem "cont-true-cont:5":
5835  (ContingentlyTrue((p)) & Necessary0((q)))  p  q
5836proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5837  AOT_assume ContingentlyTrue((p))
5838  AOT_hence ¬p
5839    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
5840  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
5841  AOT_assume Necessary0((q))
5842  moreover AOT_assume ¬(p  q)
5843  AOT_hence p = q
5844    using "=-infix"[THEN "≡Df",
5845                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5846                    THEN "≡E"(1)]
5847          "useful-tautologies:1"[THEN "→E"] by blast
5848  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
5849  AOT_hence p
5850    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5851  AOT_thus p & ¬p using 0 "&I" by blast
5852qed
5853
5854AOT_theorem "cont-true-cont:6":
5855  (ContingentlyFalse((p)) & Impossible0((q)))  p  q
5856proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5857  AOT_assume ContingentlyFalse((p))
5858  AOT_hence p
5859    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
5860  AOT_hence 1: ¬¬p
5861    using "conventions:5"[THEN "≡dfE"] by blast
5862  AOT_assume Impossible0((q))
5863  moreover AOT_assume ¬(p  q)
5864  AOT_hence p = q
5865    using "=-infix"[THEN "≡Df",
5866                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5867                    THEN "≡E"(1)]
5868          "useful-tautologies:1"[THEN "→E"] by blast
5869  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
5870  AOT_hence ¬p
5871    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5872  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
5873qed
5874
5875AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
5876  apply (rule "cont-tf:2"[THEN "≡dfI"])
5877  apply (rule "=dfI"(2)[OF q0_def])
5878   apply (fact "log-prop-prop:2")
5879  apply (rule "&I")
5880   apply (fact "no-cnac")
5881  by (fact "qml:4"[axiom_inst])
5882
5883AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
5884  apply (rule "cont-tf:1"[THEN "≡dfI"])
5885  apply (rule "=dfI"(2)[OF q0_def])
5886   apply (fact "log-prop-prop:2")
5887  apply (rule "&I")
5888   apply (rule "thm-relation-negation:3"
5889                [unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
5890     apply (fact "no-cnac")
5891  apply (rule "rule=E"[rotated,
5892                OF "thm-relation-negation:7"
5893                   [unvarify p, OF "log-prop-prop:2", THEN id_sym]])
5894  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
5895  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
5896
5897(* TODO: q0cf-rem skipped for now *)
5898
5899AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5900proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5901  AOT_assume q0
5902  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5903  AOT_thus ContingentlyTrue(q0)
5904    by (rule "cont-tf:1"[THEN "≡dfI"])
5905next
5906  AOT_assume ¬q0
5907  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5908  AOT_hence ContingentlyFalse(q0)
5909    by (rule "cont-tf:2"[THEN "≡dfI"])
5910  AOT_thus ContingentlyTrue(((q0)-))
5911    by (rule "cont-true-cont:4"[unvarify p,
5912                OF "log-prop-prop:2", THEN "≡E"(1)])
5913qed(auto simp: "log-prop-prop:2")
5914
5915
5916AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
5917proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5918  AOT_assume q0
5919  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5920  AOT_hence ContingentlyTrue(q0)
5921    by (rule "cont-tf:1"[THEN "≡dfI"])
5922  AOT_thus ContingentlyFalse(((q0)-))
5923    by (rule "cont-true-cont:3"[unvarify p,
5924                OF "log-prop-prop:2", THEN "≡E"(1)])
5925next
5926  AOT_assume ¬q0
5927  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5928  AOT_thus ContingentlyFalse(q0)
5929    by (rule "cont-tf:2"[THEN "≡dfI"])
5930qed(auto simp: "log-prop-prop:2")
5931
5932AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
5933proof -
5934  fix x
5935  AOT_obtain p1 where ContingentlyTrue((p1))
5936    using "cont-tf-thm:1" "∃E"[rotated] by blast
5937  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5938  AOT_modally_strict {
5939    AOT_have for arbitrary p:  (z p]x  p)
5940      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5941    AOT_hence for arbitrary p:   (z p]x  p)
5942      by (rule RN)
5943    AOT_hence p (z p]x  p) using GEN by fast
5944    AOT_hence (z p1]x  p1) using "∀E" by fast
5945  } note 2 = this
5946  AOT_hence (z p1]x  p1) using "∀E" by blast
5947  AOT_hence z p1]x
5948    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5949  moreover AOT_have ¬z p1]x
5950    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
5951    apply (AOT_subst z p1]x p1)
5952    using 1[THEN "&E"(2)] by blast
5953  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
5954  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
5955  moreover AOT_have z p1] by "cqt:2[lambda]"
5956  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
5957qed
5958
5959(* TODO: inspect modally strict subproof involving obtained variable *)
5960AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
5961proof -
5962  fix x
5963  AOT_obtain p1 where ContingentlyFalse((p1))
5964    using "cont-tf-thm:2" "∃E"[rotated] by blast
5965  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5966  AOT_modally_strict {
5967    AOT_have for arbitrary p:  (z p]x  p)
5968      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5969    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5970      using "oth-class-taut:4:b" "≡E" by blast
5971    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5972      by (rule RN)
5973    AOT_hence p (¬z p]x  ¬p) using GEN by fast
5974    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
5975  } note 2 = this
5976  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
5977  AOT_hence 3: ¬z p1]x
5978    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5979  AOT_modally_strict {
5980    AOT_have for arbitrary p:  (z p]x  p)
5981      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5982    AOT_hence for arbitrary p:  (z p]x  p)
5983      by (rule RN)
5984    AOT_hence p (z p]x  p) using GEN by fast
5985    AOT_hence (z p1]x  p1) using "∀E" by fast
5986  } note 4 = this
5987  AOT_have z p1]x
5988    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
5989    apply (AOT_subst z p1]x p1)
5990    using 1[THEN "&E"(2)] by blast
5991  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
5992  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
5993  moreover AOT_have z p1] by "cqt:2[lambda]"
5994  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
5995qed
5996
5997context
5998begin
5999
6000private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
6001    apply (rule "=dfI"(2)[OF L_def])
6002     apply "cqt:2[lambda]"
6003    apply (rule "beta-C-meta"[THEN "→E"])
6004  by "cqt:2[lambda]"
6005
6006private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
6007    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6008
6009private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
6010proof(rule "≡I"; rule "→I"; (rule "∀I")?)
6011  fix x
6012  AOT_assume 1: φ
6013  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
6014  also AOT_have   φ
6015    using "if-p-then-p" 1 "≡I" "→I" by simp
6016  also AOT_have   z φ]x
6017    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
6018  finally AOT_show [L]x  z φ]x.
6019next
6020  fix x
6021  AOT_assume x([L]x  z φ]x)
6022  AOT_hence [L]x  z φ]x using "∀E" by blast
6023  also AOT_have   φ using eqnotnec_123_Aux_ω.
6024  finally AOT_have φ  [L]x
6025    using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6026  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
6027  finally AOT_show φ using "≡E" "if-p-then-p" by fast
6028qed
6029private lemmas eqnotnec_123_Aux_ξ =
6030  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6031    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6032    THEN "RM◇"]
6033private lemmas eqnotnec_123_Aux_ξ' =
6034  eqnotnec_123_Aux_θ[
6035    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6036    THEN "RM◇"]
6037
6038AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6039proof-
6040  AOT_obtain p1 where ContingentlyTrue(p1)
6041    using "cont-tf-thm:1" "∃E"[rotated] by blast
6042  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
6043  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
6044    apply - apply (rule "&I")
6045    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)]
6046          eqnotnec_123_Aux_ξ "→E" by fast+
6047  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
6048    by (rule "∃I") "cqt:2[lambda]"
6049  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
6050    apply (rule "∃I")
6051    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6052qed
6053
6054AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6055proof-
6056  AOT_obtain p1 where ContingentlyFalse(p1)
6057    using "cont-tf-thm:2" "∃E"[rotated] by blast
6058  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
6059  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
6060    apply - apply (rule "&I")
6061    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6062                             THEN "≡E"(1)]
6063          "&E" eqnotnec_123_Aux_ξ' "→E" by fast+
6064  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
6065    by (rule "∃I") "cqt:2[lambda]"
6066  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
6067    apply (rule "∃I")
6068    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6069qed
6070
6071AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6072proof-
6073  AOT_have ¬𝒜q0
6074    apply (rule "=dfI"(2)[OF q0_def])
6075     apply (fact "log-prop-prop:2")
6076    by (fact AOT)
6077  AOT_hence 𝒜¬q0
6078    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6079  AOT_hence 𝒜¬x ([L]x  z q0]x)
6080    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6081            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6082            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
6083  moreover AOT_have x ([L]x  z q0]x)
6084    using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
6085  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x)
6086    using "&I" by blast
6087  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
6088    by (rule "∃I") "cqt:2[lambda]"
6089  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6090    apply (rule "∃I")
6091    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6092qed
6093
6094end
6095
6096AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6097proof(rule GEN)
6098  fix F
6099  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6100  proof(rule "→I"; rule GEN)
6101    AOT_modally_strict {
6102    fix x
6103    AOT_assume 0: ψ
6104    AOT_have z [F]z & ψ]x  [F]x & ψ
6105      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6106    also AOT_have ...  [F]x
6107      apply (rule "≡I"; rule "→I")
6108      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6109      apply blast
6110      using 0 "&I" by blast
6111    finally AOT_show [F]x  z [F]z & ψ]x
6112      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6113    }
6114  qed
6115
6116  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6117  proof (rule "→I"; rule GEN)
6118    AOT_modally_strict {
6119      fix x
6120      AOT_assume 0: ψ
6121      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6122        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6123      also AOT_have ...  [F]x
6124        apply (rule "≡I"; rule "→I")
6125        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6126              "&E"
6127         apply blast
6128        apply (rule "∨I"(1)) using 0 "&I" by blast
6129      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6130        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6131    }
6132  qed
6133
6134  AOT_have Aux_C:
6135     ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6136  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
6137  AOT_modally_strict {
6138      AOT_assume 0: ¬ψ
6139      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6140      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6141        using "∀E" by blast
6142      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6143          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6144      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6145        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6146      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6147        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6148      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
6149      ultimately AOT_have ψ using "≡E" "&E" by metis
6150      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6151    }
6152  qed
6153
6154  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6155      (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6156       ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6157  proof (rule "→I")
6158    AOT_assume A: z([F]z  z [F]z & ψ]z)
6159    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6160              ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6161    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
6162          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
6163          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6164      AOT_modally_strict {
6165        AOT_assume z ([F]z  z [F]z & ψ]z)
6166        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6167          using "∀E" by blast
6168        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6169        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6170          using "∀E" by blast
6171        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6172          using "≡E" 1 2 by meson
6173        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6174          by (rule GEN)
6175      }
6176    next
6177      AOT_modally_strict {
6178        AOT_assume z ([F]z  z [F]z & ψ]z)
6179        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6180          using "∀E" by blast
6181        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6182        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6183          using "∀E" by blast
6184        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6185          using 1 2 "≡E" by meson
6186        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6187          by (rule GEN)
6188      }
6189    qed(auto simp: A)
6190  qed
6191
6192  AOT_obtain p1 where p1_prop: p1 & ¬p1
6193    using "cont-tf-thm:1" "∃E"[rotated]
6194          "cont-tf:1"[THEN "≡dfE"] by blast
6195  {
6196    AOT_assume 1: x([F]x  z [F]z & p1]x)
6197    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6198      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6199    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6200      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6201    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6202      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6203    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) &
6204               ¬x([F]x  z [F]z & p1  ¬p1]x)
6205      using 2 "&I" by blast
6206    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6207      by (rule "∃I"(1)) "cqt:2[lambda]"
6208  }
6209  moreover {
6210    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6211    AOT_hence ¬x([F]x  z [F]z & p1]x)
6212      using "KBasic:11"[THEN "≡E"(1)] by blast
6213    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
6214      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
6215    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6216      by (rule "∃I"(1)) "cqt:2[lambda]"
6217  }
6218  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6219    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6220qed
6221
6222AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6223proof(rule GEN)
6224  fix F
6225  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6226  proof(rule "RM◇"; rule "→I"; rule GEN)
6227    AOT_modally_strict {
6228    fix x
6229    AOT_assume 0: ψ
6230    AOT_have z [F]z & ψ]x  [F]x & ψ
6231      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6232    also AOT_have ...  [F]x
6233      apply (rule "≡I"; rule "→I")
6234      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6235       apply blast
6236      using 0 "&I" by blast
6237    finally AOT_show [F]x  z [F]z & ψ]x
6238      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6239    }
6240  qed
6241
6242  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6243  proof (rule "RM◇"; rule "→I"; rule GEN)
6244    AOT_modally_strict {
6245      fix x
6246      AOT_assume 0: ψ
6247      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6248        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6249      also AOT_have ...  [F]x
6250        apply (rule "≡I"; rule "→I")
6251        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6252         apply blast
6253        apply (rule "∨I"(1)) using 0 "&I" by blast
6254      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6255        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6256    }
6257  qed
6258
6259  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6260  proof(rule "→I"; rule "raa-cor:2")
6261  AOT_modally_strict {
6262      AOT_assume 0: ¬ψ
6263      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6264      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6265        using "∀E" by blast
6266      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6267          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6268      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6269        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6270      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6271        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6272      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6273        using 0 "∨I" by blast
6274      ultimately AOT_have ψ using "≡E" "&E" by metis
6275      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6276    }
6277  qed
6278
6279  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6280    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6281     ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6282  proof (rule "→I"; rule "≡I";
6283         (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6284    AOT_modally_strict {
6285      AOT_assume z ([F]z  z [F]z & ψ]z)
6286      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6287        using "∀E" by blast
6288      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6289      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6290        using "∀E" by blast
6291      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6292        using "≡E" 1 2 by meson
6293      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6294        by (rule GEN)
6295    }
6296  next
6297    AOT_modally_strict {
6298      AOT_assume z ([F]z  z [F]z & ψ]z)
6299      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6300        using "∀E" by blast
6301      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6302      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6303        using "∀E" by blast
6304      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6305        using 1 2 "≡E" by meson
6306      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6307        by (rule GEN)
6308    }
6309  qed
6310
6311  AOT_obtain p1 where p1_prop: ¬p1 & p1
6312    using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
6313  {
6314    AOT_assume 1: x([F]x  z [F]z & p1]x)
6315    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6316      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6317    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6318      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6319    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6320      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6321    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) &
6322               x([F]x  z [F]z & p1  ¬p1]x)
6323      using 2 "&I" by blast
6324    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6325      by (rule "∃I"(1)) "cqt:2[lambda]"
6326  }
6327  moreover {
6328    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6329    AOT_hence ¬x([F]x  z [F]z & p1]x)
6330      using "KBasic:11"[THEN "≡E"(1)] by blast
6331    AOT_hence ¬x ([F]x  z [F]z & p1]x) &
6332               x([F]x  z [F]z & p1]x)
6333      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
6334    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6335      by (rule "∃I"(1)) "cqt:2[lambda]"
6336  }
6337  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6338    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6339qed
6340
6341AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6342proof(rule GEN)
6343  fix F
6344  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6345  proof(rule "RM◇"; rule "→I"; rule GEN)
6346    AOT_modally_strict {
6347    fix x
6348    AOT_assume 0: ψ
6349    AOT_have z [F]z & ψ]x  [F]x & ψ
6350      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6351    also AOT_have ...  [F]x
6352      apply (rule "≡I"; rule "→I")
6353      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6354            "&E"
6355       apply blast
6356      using 0 "&I" by blast
6357    finally AOT_show [F]x  z [F]z & ψ]x
6358      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6359    }
6360  qed
6361
6362  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6363  proof (rule "RM◇"; rule "→I"; rule GEN)
6364    AOT_modally_strict {
6365      fix x
6366      AOT_assume 0: ψ
6367      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6368        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6369      also AOT_have ...  [F]x
6370        apply (rule "≡I"; rule "→I")
6371        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6372         apply blast
6373        apply (rule "∨I"(1)) using 0 "&I" by blast
6374      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6375        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6376    }
6377  qed
6378
6379  AOT_have Aux_C:
6380     𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6381  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
6382  AOT_modally_strict {
6383      AOT_assume 0: ¬ψ
6384      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6385      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6386        using "∀E" by blast
6387      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6388          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6389      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6390        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6391      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6392        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6393      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6394        using 0 "∨I" by blast
6395      ultimately AOT_have ψ using "≡E" "&E" by metis
6396      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6397    }
6398  qed
6399
6400  AOT_have (z ([F]z  z [F]z & ψ]z) 
6401    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6402     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6403  proof (rule RN; rule "→I")
6404    AOT_modally_strict {
6405        AOT_assume z ([F]z  z [F]z & ψ]z)
6406        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6407                  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6408          apply -
6409        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6410          AOT_assume z ([F]z  z [F]z & ψ]z)
6411          AOT_hence 1: [F]z  z [F]z & ψ]z for z
6412            using "∀E" by blast
6413          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6414          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6415            using "∀E" by blast
6416          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6417            using "≡E" 1 2 by meson
6418          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6419            by (rule GEN)
6420        next
6421            AOT_assume z ([F]z  z [F]z & ψ]z)
6422            AOT_hence 1: [F]z  z [F]z & ψ]z for z
6423              using "∀E" by blast
6424            AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6425            AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6426              using "∀E" by blast
6427            AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6428              using 1 2 "≡E" by meson
6429            AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6430              by (rule GEN)
6431        qed
6432    }
6433  qed
6434  AOT_hence 𝒜(z ([F]z  z [F]z & ψ]z) 
6435    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6436     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6437    using "nec-imp-act"[THEN "→E"] by blast
6438  AOT_hence 𝒜z ([F]z  z [F]z & ψ]z) 
6439    𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6440    ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6441    using "act-cond"[THEN "→E"] by blast
6442  AOT_hence Aux_D: 𝒜z ([F]z  z [F]z & ψ]z) 
6443    (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6444     𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6445    by (auto intro!: "→I" "Act-Basic:5"[THEN "≡E"(1)] dest!: "→E")
6446
6447  AOT_have ¬𝒜q0
6448    apply (rule "=dfI"(2)[OF q0_def])
6449     apply (fact "log-prop-prop:2")
6450    by (fact AOT)
6451  AOT_hence q0_prop_1: 𝒜¬q0
6452    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6453  {
6454    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
6455    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
6456      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
6457    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
6458      using Aux_C[THEN "→E", OF q0_prop_1].
6459    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
6460      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6461    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) &
6462               x([F]x  z [F]z & q0  ¬q0]x)
6463      using 2 "&I" by blast
6464    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6465      by (rule "∃I"(1)) "cqt:2[lambda]"
6466  }
6467  moreover {
6468    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
6469    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
6470      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6471    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
6472      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
6473    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6474      by (rule "∃I"(1)) "cqt:2[lambda]"
6475  }
6476  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6477    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6478qed
6479
6480AOT_theorem "oa-contingent:1": O!  A!
6481proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6482  fix x
6483  AOT_assume 1: O! = A!
6484  AOT_hence x E!x] = A!
6485    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6486  AOT_hence x E!x] = x ¬E!x]
6487    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6488  moreover AOT_have x E!x]x  E!x
6489    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6490  ultimately AOT_have x ¬E!x]x  E!x
6491    using "rule=E" by fast
6492  moreover AOT_have x ¬E!x]x  ¬E!x
6493    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6494  ultimately AOT_have E!x  ¬E!x
6495    using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
6496  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)"
6497    using "oth-class-taut:3:c" "&I" by blast
6498qed
6499
6500AOT_theorem "oa-contingent:2": O!x  ¬A!x
6501proof -
6502  AOT_have O!x  x E!x]x
6503    apply (rule "≡I"; rule "→I")
6504     apply (rule "=dfE"(2)[OF AOT_ordinary])
6505      apply "cqt:2[lambda]"
6506     apply argo
6507    apply (rule  "=dfI"(2)[OF AOT_ordinary])
6508     apply "cqt:2[lambda]"
6509    by argo
6510  also AOT_have   E!x
6511    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6512  also AOT_have   ¬¬E!x
6513    using "oth-class-taut:3:b".
6514  also AOT_have   ¬x ¬E!x]x
6515    by (rule "beta-C-meta"[THEN "→E",
6516              THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6517       "cqt:2"
6518  also AOT_have   ¬A!x
6519    apply (rule "≡I"; rule "→I")
6520     apply (rule "=dfI"(2)[OF AOT_abstract])
6521      apply "cqt:2[lambda]"
6522     apply argo
6523    apply (rule "=dfE"(2)[OF AOT_abstract])
6524     apply "cqt:2[lambda]"
6525    by argo
6526  finally show ?thesis.
6527qed
6528
6529AOT_theorem "oa-contingent:3": A!x  ¬O!x
6530  by (AOT_subst A!x ¬¬A!x)
6531     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN
6532         "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6533
6534AOT_theorem "oa-contingent:4": Contingent(O!)
6535proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)];
6536       rule "&I")
6537  AOT_have x E!x using "thm-cont-e:3" .
6538  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6539  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6540  AOT_hence x E!x]a
6541    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2"
6542  AOT_hence O!a
6543    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
6544  AOT_hence x O!x using "∃I" by blast
6545  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
6546next
6547  AOT_obtain a where A!a
6548    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6549  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
6550  AOT_hence x ¬O!x using "∃I" by fast
6551  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
6552qed
6553
6554AOT_theorem "oa-contingent:5": Contingent(A!)
6555proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)];
6556       rule "&I")
6557  AOT_obtain a where A!a
6558    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6559  AOT_hence x A!x using "∃I" by fast
6560  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
6561next
6562  AOT_have x E!x using "thm-cont-e:3" .
6563  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6564  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6565  AOT_hence x E!x]a
6566    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
6567  AOT_hence O!a
6568    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6569  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
6570  AOT_hence x ¬A!x using "∃I" by fast
6571  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
6572qed
6573
6574AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
6575proof -
6576  AOT_have O!x  ¬A!x
6577    using "oa-contingent:2" by blast
6578  also AOT_have   A!-x
6579    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
6580  finally AOT_have 1: O!x  A!-x.
6581
6582  AOT_have A!x  ¬O!x
6583    using "oa-contingent:3" by blast
6584  also AOT_have   O!-x
6585    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
6586  finally AOT_have 2: A!x  O!-x.
6587
6588  AOT_show O!-x  ¬A!-x
6589    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
6590          "oa-contingent:3"[of _ x] 2[symmetric]
6591          "≡E"(5) by blast
6592qed
6593
6594AOT_theorem "oa-contingent:6": O!-  A!-
6595proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6596  AOT_assume 1: O!- = A!-
6597  fix x
6598  AOT_have A!-x  O!-x
6599    apply (rule "rule=E"[rotated, OF 1])
6600    by (fact "oth-class-taut:3:a")
6601  AOT_hence A!-x  ¬A!-x
6602    using "oa-contingent:7" "≡E" by fast
6603  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x)
6604    using "oth-class-taut:3:c" "&I" by blast
6605qed
6606
6607AOT_theorem "oa-contingent:8": Contingent(O!-)
6608  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1),
6609          OF "oa-contingent:4"].
6610
6611AOT_theorem "oa-contingent:9": Contingent(A!-)
6612  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1),
6613          OF "oa-contingent:5"].
6614
6615AOT_define WeaklyContingent :: ‹Π  φ› (WeaklyContingent'(_'))
6616  "df-cont-nec":
6617  WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)
6618
6619AOT_theorem "cont-nec-fact1:1":
6620  WeaklyContingent([F])  WeaklyContingent([F]-)
6621proof -
6622  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
6623    using "df-cont-nec"[THEN "≡Df"] by blast
6624  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
6625    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
6626    using "thm-cont-prop:3".
6627  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
6628  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)];
6629         rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
6630    fix x
6631    AOT_assume 0: x ([F]x  [F]x)
6632    AOT_assume 1: [F]-x
6633    AOT_have ¬[F]x
6634      by (AOT_subst (reverse) ¬[F]x [F]-x)
6635         (auto simp add: "thm-relation-negation:1" 1)
6636    AOT_hence 2: ¬[F]x
6637      using "KBasic:11"[THEN "≡E"(2)] by blast
6638    AOT_show [F]-x
6639    proof (rule "raa-cor:1")
6640      AOT_assume 3: ¬[F]-x
6641      AOT_have ¬¬[F]x
6642        by (AOT_subst (reverse) ¬[F]x [F]-x)
6643           (auto simp add: "thm-relation-negation:1" 3)
6644      AOT_hence [F]x
6645        using "conventions:5"[THEN "≡dfI"] by simp
6646      AOT_hence [F]x using 0 "∀E" "→E" by fast
6647      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
6648    qed
6649  next
6650    fix x
6651    AOT_assume 0: x ([F]-x  [F]-x)
6652    AOT_assume 1: [F]x
6653    AOT_have ¬[F]-x
6654      by (AOT_subst ¬[F]-x [F]x)
6655         (auto simp: "thm-relation-negation:2" 1)
6656    AOT_hence 2: ¬[F]-x
6657      using "KBasic:11"[THEN "≡E"(2)] by blast
6658    AOT_show [F]x
6659    proof (rule "raa-cor:1")
6660      AOT_assume 3: ¬[F]x
6661      AOT_have ¬¬[F]-x
6662        by (AOT_subst ¬[F]-x [F]x)
6663           (auto simp add: "thm-relation-negation:2" 3)
6664      AOT_hence [F]-x
6665        using "conventions:5"[THEN "≡dfI"] by simp
6666      AOT_hence [F]-x using 0 "∀E" "→E" by fast
6667      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
6668    qed
6669  qed
6670  also AOT_have   WeaklyContingent([F]-)
6671    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
6672  finally show ?thesis.
6673qed
6674
6675AOT_theorem "cont-nec-fact1:2":
6676  (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
6677proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6678  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
6679  AOT_hence WeaklyContingent([F]) using "&E" by blast
6680  moreover AOT_assume F = G
6681  ultimately AOT_have WeaklyContingent([G])
6682    using "rule=E" by blast
6683  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
6684    using 1 "&I" "&E" by blast
6685qed
6686
6687AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
6688proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6689  AOT_show Contingent(O!)
6690    using "oa-contingent:4".
6691next
6692  AOT_show x ([O!]x  [O!]x)
6693    apply (rule GEN; rule "→I")
6694    using "oa-facts:5"[THEN "≡E"(1)] by blast
6695qed
6696
6697
6698AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
6699proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6700  AOT_show Contingent(A!)
6701    using "oa-contingent:5".
6702next
6703  AOT_show x ([A!]x  [A!]x)
6704    apply (rule GEN; rule "→I")
6705    using "oa-facts:6"[THEN "≡E"(1)] by blast
6706qed
6707
6708AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
6709proof (rule "df-cont-nec"[THEN "≡Df",
6710                          THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6711                          THEN "≡E"(2)];
6712       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
6713  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
6714  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
6715  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
6716  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
6717  moreover AOT_assume x ([E!]x  [E!]x)
6718  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
6719  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
6720  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
6721  moreover AOT_have ¬𝒜E!a
6722    using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
6723  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
6724  AOT_thus p & ¬p for p using "raa-cor:1" by blast
6725qed
6726
6727AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
6728  apply (rule "df-cont-nec"[THEN "≡Df",
6729                            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6730                            THEN "≡E"(2)];
6731       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
6732  apply (rule "contingent-properties:4"
6733                [THEN "≡Df",
6734                 THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6735                 THEN "≡E"(2)])
6736  apply (rule DeMorgan(1)[THEN "≡E"(2)];
6737         rule "∨I"(2);
6738         rule "useful-tautologies:2"[THEN "→E"])
6739  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
6740
6741(* TODO: cleanup *)
6742AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
6743proof -
6744  AOT_have 1: L
6745    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6746  {
6747    fix φ and Π Π' :: <κ>
6748    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6749    proof (rule "raa-cor:2")
6750      AOT_assume φ{Π'}  φ{Π}
6751      AOT_hence φ{Π'} using that(1) "≡E" by blast
6752      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6753    qed
6754    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6755      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6756                                 OF that(1,2), OF A[OF that(3, 4)]].
6757  } note 0 = this
6758  show ?thesis
6759    apply(safe intro!: "&I"; rule 0)
6760    using "cqt:2[concrete]"[axiom_inst] apply blast
6761    using "oa-exist:1" apply blast
6762    using "cont-nec-fact2:3" apply fast
6763    apply (rule "useful-tautologies:2"[THEN "→E"])
6764    using "cont-nec-fact2:1" apply fast
6765    using "rel-neg-T:3" apply fast
6766    using "oa-exist:1" apply blast
6767    using "cont-nec-fact1:1"[unvarify F,
6768            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6769            THEN "≡E"(1), rotated, OF "cont-nec-fact2:3",
6770            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6771    apply (rule "useful-tautologies:2"[THEN "→E"])
6772    using "cont-nec-fact2:1" apply blast
6773    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6774    using "oa-exist:1" apply fast
6775    using "cont-nec-fact2:4" apply fast
6776    apply (rule "useful-tautologies:2"[THEN "→E"])
6777    using "cont-nec-fact2:1" apply fast
6778    using "rel-neg-T:3" apply fast
6779    using "oa-exist:1" apply fast
6780     apply (rule "cont-nec-fact1:1"[unvarify F,
6781                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6782                    THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6783    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6784    apply (rule "useful-tautologies:2"[THEN "→E"])
6785    using "cont-nec-fact2:1" by blast
6786qed
6787
6788(* TODO: cleanup together with above *)
6789AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
6790proof -
6791  AOT_have 1: L
6792    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6793  {
6794    fix φ and Π Π' :: <κ>
6795    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6796    proof (rule "raa-cor:2")
6797      AOT_assume φ{Π'}  φ{Π}
6798      AOT_hence φ{Π'} using that(1) "≡E" by blast
6799      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6800    qed
6801    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6802      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6803              OF that(1,2), OF A[OF that(3, 4)]].
6804  } note 0 = this
6805  show ?thesis
6806    apply(safe intro!: "&I"; rule 0)
6807    using "cqt:2[concrete]"[axiom_inst] apply blast
6808    using "oa-exist:2" apply blast
6809    using "cont-nec-fact2:3" apply fast
6810    apply (rule "useful-tautologies:2"[THEN "→E"])
6811    using "cont-nec-fact2:2" apply fast
6812    using "rel-neg-T:3" apply fast
6813    using "oa-exist:2" apply blast
6814    using "cont-nec-fact1:1"[unvarify F,
6815            THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1),
6816            rotated, OF "cont-nec-fact2:3",
6817            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6818    apply (rule "useful-tautologies:2"[THEN "→E"])
6819    using "cont-nec-fact2:2" apply blast
6820    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6821    using "oa-exist:2" apply fast
6822    using "cont-nec-fact2:4" apply fast
6823    apply (rule "useful-tautologies:2"[THEN "→E"])
6824    using "cont-nec-fact2:2" apply fast
6825    using "rel-neg-T:3" apply fast
6826    using "oa-exist:2" apply fast
6827     apply (rule "cont-nec-fact1:1"[unvarify F,
6828              THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6829              THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6830     apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6831    apply (rule "useful-tautologies:2"[THEN "→E"])
6832    using "cont-nec-fact2:2" by blast
6833qed
6834
6835AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
6836  Δp df p  (¬𝒜p & p)
6837
6838AOT_theorem sixteen:
6839 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
6840  «F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 &
6841    F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 &
6842    F1  F14 & F1  F15 & F1  F16 &
6843  F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 &
6844    F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 &
6845    F2  F15 & F2  F16 &
6846  F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 &
6847    F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
6848  F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 &
6849    F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
6850  F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 &
6851    F5  F13 & F5  F14 & F5  F15 & F5  F16 &
6852  F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 &
6853    F6  F14 & F6  F15 & F6  F16 &
6854  F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 &
6855    F7  F15 & F7  F16 &
6856  F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 &
6857    F8  F16 &
6858  F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
6859  F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
6860  F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
6861  F12  F13 & F12  F14 & F12  F15 & F12  F16 &
6862  F13  F14 & F13  F15 & F13  F16 &
6863  F14  F15 & F14  F16 &
6864  F15  F16) 
6865proof -
6866  AOT_have Delta_pos: Δφ  φ for φ
6867  proof(rule "→I")
6868    AOT_assume Δφ
6869    AOT_hence φ  (¬𝒜φ & φ)
6870      using "≡dfE"[OF necessary_or_contingently_false] by blast
6871    moreover {
6872      AOT_assume φ
6873      AOT_hence φ
6874        by (metis "B◇" "T◇" "vdash-properties:10")
6875    }
6876    moreover {
6877      AOT_assume ¬𝒜φ & φ
6878      AOT_hence φ
6879        using "&E" by blast
6880    }
6881    ultimately AOT_show φ
6882      by (metis "∨E"(2) "raa-cor:1") 
6883  qed
6884
6885  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6886    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false
6887          "raa-cor:3" that(1,2) by blast
6888  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6889    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1,2) by blast
6890  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
6891    using Delta_pos "modus-tollens:1" that by blast
6892  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
6893    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1,2))
6894  AOT_have nec_delta: Δφ if φ for φ
6895    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
6896
6897  AOT_obtain a where a_prop: A!a
6898    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6899  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
6900    using "pos-not-pna:3" using "∃E"[rotated] by blast
6901
6902  AOT_have b_ord: [O!]b
6903  proof(rule "=dfI"(2)[OF AOT_ordinary])
6904    AOT_show x [E!]x] by "cqt:2[lambda]"
6905  next
6906    AOT_show x [E!]x]b
6907    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
6908      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
6909      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
6910    qed
6911  qed
6912
6913  AOT_have nec_not_L_neg: ¬[L-]x for x
6914    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
6915          CBF[THEN "→E"] "∀E" by blast
6916  AOT_have nec_L: [L]x for x
6917    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
6918      CBF[THEN "→E"] "∀E" by blast
6919
6920  AOT_have act_ord_b: 𝒜[O!]b
6921    using b_ord "≡E"(1) "oa-facts:7" by blast
6922  AOT_have delta_ord_b: Δ[O!]b
6923    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false
6924              "oa-facts:1" "→E")
6925  AOT_have not_act_ord_a: ¬𝒜[O!]a
6926    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
6927  AOT_have not_delta_ord_a: ¬Δ[O!]a
6928    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7"
6929              "reductio-aa:1" "→E")
6930
6931  AOT_have not_act_abs_b: ¬𝒜[A!]b
6932    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
6933  AOT_have not_delta_abs_b: ¬Δ[A!]b
6934  proof(rule "raa-cor:2")
6935    AOT_assume Δ[A!]b
6936    AOT_hence [A!]b
6937      by (metis Delta_pos "vdash-properties:10")
6938    AOT_thus [A!]b & ¬[A!]b
6939      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2"
6940                "oa-facts:4" "→E")
6941  qed
6942  AOT_have act_abs_a: 𝒜[A!]a
6943    using a_prop "≡E"(1) "oa-facts:8" by blast
6944  AOT_have delta_abs_a: Δ[A!]a
6945    by (metis "≡dfI" a_prop "oa-facts:2" "→E" "∨I"(1)
6946              necessary_or_contingently_false)
6947
6948  AOT_have not_act_concrete_b: ¬𝒜[E!]b
6949    using b_prop "&E"(2) by blast
6950  AOT_have delta_concrete_b: Δ[E!]b
6951  proof (rule "≡dfI"[OF necessary_or_contingently_false];
6952         rule "∨I"(2); rule "&I")
6953    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
6954  next
6955    AOT_show [E!]b using b_prop "&E"(1) by blast
6956  qed
6957  AOT_have not_act_concrete_a: ¬𝒜[E!]a
6958  proof (rule "raa-cor:2")
6959    AOT_assume 𝒜[E!]a
6960    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "→E")
6961    AOT_have [A!]a by (simp add: a_prop)
6962    AOT_hence x ¬[E!]x]a
6963      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2"
6964    AOT_hence ¬[E!]a using "β→C"(1) by blast
6965    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6966  qed
6967  AOT_have not_delta_concrete_a: ¬Δ[E!]a
6968  proof (rule "raa-cor:2")
6969    AOT_assume Δ[E!]a
6970    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
6971    AOT_have [A!]a by (simp add: a_prop)
6972    AOT_hence x ¬[E!]x]a
6973      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6974    AOT_hence ¬[E!]a using "β→C"(1) by blast
6975    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6976  qed
6977
6978  AOT_have not_act_q_zero: ¬𝒜q0
6979    by (meson "log-prop-prop:2" "pos-not-pna:1"
6980              q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
6981  AOT_have delta_q_zero: Δq0
6982  proof(rule "≡dfI"[OF necessary_or_contingently_false];
6983        rule "∨I"(2); rule "&I")
6984    AOT_show ¬𝒜q0 using not_act_q_zero.
6985    AOT_show q0 by (meson "&E"(1) q0_prop)
6986  qed
6987  AOT_have act_not_q_zero: 𝒜¬q0
6988    using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
6989  AOT_have not_delta_not_q_zero: ¬Δ¬q0
6990    using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
6991          "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
6992
6993  AOT_have [L-] by (simp add: "rel-neg-T:3")
6994  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
6995  proof (safe intro!: "&I")
6996    AOT_show ¬𝒜[L-]b
6997      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act"
6998                nec_not_L_neg "→E")
6999    AOT_show ¬Δ[L-]b
7000      by (meson Delta_pos "KBasic2:1" "≡E"(1)
7001                "modus-tollens:1" nec_not_L_neg)
7002    AOT_show ¬𝒜[L-]a
7003      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst]
7004                "nec-imp-act" nec_not_L_neg "→E")
7005    AOT_show ¬Δ[L-]a
7006      using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1"
7007            nec_not_L_neg by blast
7008  qed
7009  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
7010    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7011  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
7012    using "&E" by blast+
7013  note props = this
7014
7015  let  = "«y [A!]y & q0]»"
7016  AOT_modally_strict {
7017    AOT_have [«»] by "cqt:2[lambda]"
7018  } note 1 = this
7019  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7020  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
7021    AOT_show ¬𝒜([A!]b & q0)
7022      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7023  next AOT_show ¬Δ([A!]b & q0)
7024      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b
7025                "oa-facts:4" "oa-facts:8" "raa-cor:3" "→E")
7026  next AOT_show ¬𝒜([A!]a & q0)
7027      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero
7028            "raa-cor:3" by blast
7029  next AOT_show Δ([A!]a & q0)
7030    proof (rule not_act_and_pos_delta)
7031      AOT_show ¬𝒜([A!]a & q0)
7032        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero
7033              "raa-cor:3" by blast
7034    next AOT_show ([A!]a & q0)
7035        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a
7036                  "≡E"(1) "oa-facts:6" q0_prop)
7037    qed
7038  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7039  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
7040    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7041  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
7042    using "&E" by blast+
7043  note props = props this
7044
7045  let  = "«y [A!]y & ¬q0]»"
7046  AOT_modally_strict {
7047    AOT_have [«»] by "cqt:2[lambda]"
7048  } note 1 = this
7049  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7050  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
7051    AOT_show ¬𝒜([A!]b & ¬q0)
7052      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7053  next AOT_show ¬Δ([A!]b & ¬q0)
7054      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4)
7055                "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
7056  next AOT_show 𝒜([A!]a & ¬q0)
7057      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7058                "≡E"(3) not_act_q_zero "raa-cor:3")
7059  next AOT_show ¬Δ([A!]a & ¬q0)
7060    proof (rule act_and_not_nec_not_delta)
7061      AOT_show 𝒜([A!]a & ¬q0)
7062        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7063                  "≡E"(3) not_act_q_zero "raa-cor:3")
7064    next
7065      AOT_show ¬([A!]a & ¬q0)
7066        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4)
7067                  q0_prop "raa-cor:3")
7068    qed
7069  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7070  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
7071    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7072  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
7073    using "&E" by blast+
7074  note props = props this
7075
7076  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
7077    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b
7078    by presburger
7079  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
7080    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
7081  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
7082    using "&E" by blast+
7083  note props = props this
7084
7085  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
7086    by (meson "&I" delta_concrete_b not_act_concrete_a
7087              not_act_concrete_b not_delta_concrete_a)
7088  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
7089    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7090    by fastforce
7091  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
7092    using "&E" by blast+
7093  note props = props this
7094
7095  AOT_modally_strict {
7096    AOT_have y q0] by "cqt:2[lambda]"
7097  } note 1 = this
7098  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
7099    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
7100       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
7101  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
7102    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7103    by fastforce
7104  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
7105    using "&E" by blast+
7106  note props = props this
7107
7108  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
7109  AOT_modally_strict {
7110    AOT_have [«»] by "cqt:2[lambda]"
7111  } note 1 = this
7112  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7113  proof(safe intro!: "&I";
7114        AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
7115    AOT_have 𝒜¬([A!]b & ¬q0)
7116      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
7117                "≡E"(1) "raa-cor:3")
7118    moreover AOT_have ¬𝒜[E!]b
7119      using b_prop "&E"(2) by blast
7120    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
7121      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
7122    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
7123      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
7124         (auto simp: "oth-class-taut:5:d" 2)
7125    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
7126      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
7127  next
7128    AOT_show Δ([E!]b  ([A!]b & ¬q0))
7129    proof (rule not_act_and_pos_delta)
7130      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
7131        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "raa-cor:3"
7132                  "Conjunction Simplification"(1) "≡E"(4)
7133                  "modus-tollens:1" not_act_abs_b not_act_concrete_b)
7134    next
7135      AOT_show ([E!]b  ([A!]b & ¬q0))
7136        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
7137    qed
7138  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7139      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7140                "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7141  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
7142    proof (rule act_and_not_nec_not_delta)
7143      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7144        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7145                  "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7146    next
7147      AOT_have ¬[E!]a
7148        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2)
7149                  necessary_or_contingently_false
7150                  not_act_concrete_a not_delta_concrete_a "raa-cor:3")
7151      moreover AOT_have ¬([A!]a & ¬q0)
7152        by (metis "KBasic2:1" "KBasic:11" "KBasic:3"
7153                  "&E"(1,2) "≡E"(1) q0_prop "raa-cor:3")
7154      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0))
7155        by (metis "KBasic:16" "&I" "vdash-properties:10")
7156      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
7157        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
7158      AOT_thus ¬([E!]a  ([A!]a & ¬q0))
7159        by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
7160    qed
7161  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7162  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
7163    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7164  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
7165    using "&E" by blast+
7166  note props = props this
7167
7168  let  = "«y [A!]y  [E!]y]»"
7169  AOT_modally_strict {
7170    AOT_have [«»] by "cqt:2[lambda]"
7171  } note 1 = this
7172  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
7173  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
7174    AOT_show ¬𝒜([A!]b  [E!]b)
7175      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7176            not_act_concrete_b "raa-cor:3" by blast
7177  next AOT_show Δ([A!]b  [E!]b)
7178    proof (rule not_act_and_pos_delta)
7179      AOT_show ¬𝒜([A!]b  [E!]b)
7180        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7181              not_act_concrete_b "raa-cor:3" by blast
7182    next AOT_show ([A!]b  [E!]b)
7183        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
7184    qed
7185  next AOT_show 𝒜([A!]a  [E!]a)
7186      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
7187  next AOT_show Δ([A!]a  [E!]a)
7188    proof (rule nec_delta)
7189      AOT_show ([A!]a  [E!]a)
7190        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta
7191                  "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "→E")
7192    qed
7193  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7194  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
7195    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7196  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
7197    using "&E" by blast+
7198  note props = props this
7199
7200  let  = "«y [O!]y & ¬[E!]y]»"
7201  AOT_modally_strict {
7202    AOT_have [«»] by "cqt:2[lambda]"
7203  } note 1 = this
7204  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
7205  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
7206    AOT_show 𝒜([O!]b & ¬[E!]b)
7207      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2)
7208                "≡E"(3) not_act_concrete_b "raa-cor:3")
7209  next AOT_show ¬Δ([O!]b & ¬[E!]b)
7210      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1"
7211                act_and_not_nec_not_delta "act-conj-act:3"
7212                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2)
7213                "df-rules-formulas[3]"
7214                "≡E"(3) "raa-cor:1" "→E")
7215  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
7216      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
7217  next AOT_have ¬([O!]a & ¬[E!]a)
7218      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3"
7219                "oa-facts:7" "raa-cor:3" "vdash-properties:10")
7220    AOT_thus ¬Δ([O!]a & ¬[E!]a)
7221      by (rule impossible_delta)
7222  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7223  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
7224    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7225  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
7226    using "&E" by blast+
7227  note props = props this
7228
7229  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
7230  AOT_modally_strict {
7231    AOT_have [«»] by "cqt:2[lambda]"
7232  } note 1 = this
7233  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7234  proof(safe intro!: "&I";
7235        AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
7236    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7237      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7238                "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7239  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
7240    proof (rule act_and_pos_not_not_delta)
7241      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7242        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7243                  "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7244    next
7245      AOT_show ¬(¬[E!]b & ([O!]b  q0))
7246      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
7247        AOT_modally_strict {
7248          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
7249            by (metis "&I" "&E"(1,2) "∨I"(1,2) "∨E"(2)
7250                      "→I" "≡I" "reductio-aa:1")
7251        }
7252      next
7253        AOT_show ([E!]b  ¬([O!]b  q0))
7254          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3)
7255                "raa-cor:3" by blast
7256       qed
7257     qed
7258   next
7259     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7260       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7261             not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
7262   next
7263     AOT_show Δ(¬[E!]a & ([O!]a  q0))
7264     proof (rule not_act_and_pos_delta)
7265       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7266         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7267                   not_act_ord_a not_act_q_zero "reductio-aa:2")
7268     next
7269       AOT_have ¬[E!]a
7270         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a
7271               not_delta_concrete_a "raa-cor:5" by blast
7272       moreover AOT_have ([O!]a  q0)
7273         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
7274       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
7275         by (metis "KBasic:16" "&I" "vdash-properties:10")
7276     qed
7277   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
7278  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
7279    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7280  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
7281    using "&E" by blast+
7282  note props = props this
7283
7284  AOT_modally_strict {
7285    AOT_have y ¬q0] by "cqt:2[lambda]"
7286  } note 1 = this
7287  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
7288    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
7289       (auto simp: act_not_q_zero not_delta_not_q_zero
7290                   "beta-C-meta"[THEN "→E", OF 1])
7291  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
7292    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7293  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
7294    using "&E" by blast+
7295  note props = props this
7296
7297  AOT_modally_strict {
7298    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
7299  } note 1 = this
7300  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b &
7301                     𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
7302  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
7303    AOT_show 𝒜¬[E!]b
7304      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
7305  next AOT_show ¬Δ¬[E!]b
7306      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7307            b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
7308  next AOT_show 𝒜¬[E!]a
7309      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
7310  next AOT_show Δ¬[E!]a
7311      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta
7312            not_act_concrete_a not_delta_concrete_a "reductio-aa:1"
7313      by blast
7314  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7315  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
7316    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7317  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
7318    using "&E" by blast+
7319  note props = props this
7320
7321  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
7322    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
7323  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
7324    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7325  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
7326    using "&E" by blast+
7327  note props = props this
7328
7329  let  = "«y [O!]y  q0]»"
7330  AOT_modally_strict {
7331    AOT_have [«»] by "cqt:2[lambda]"
7332  } note 1 = this
7333  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7334  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
7335    AOT_show 𝒜([O!]b  q0)
7336      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
7337  next AOT_show Δ([O!]b  q0)
7338      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7339  next AOT_show ¬𝒜([O!]a  q0)
7340      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7341            not_act_q_zero "raa-cor:3" by blast
7342  next AOT_show Δ([O!]a  q0)
7343    proof (rule not_act_and_pos_delta)
7344      AOT_show ¬𝒜([O!]a  q0)
7345        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7346              not_act_q_zero "raa-cor:3" by blast
7347    next AOT_show ([O!]a  q0)
7348        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
7349    qed
7350  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7351  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
7352    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7353  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
7354    using "&E" by blast+
7355  note props = props this
7356
7357  let  = "«y [O!]y  ¬q0]»"
7358  AOT_modally_strict {
7359     AOT_have [«»] by "cqt:2[lambda]"
7360  } note 1 = this
7361  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7362  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
7363    AOT_show 𝒜([O!]b  ¬q0)
7364      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7365  next AOT_show Δ([O!]b  ¬q0)
7366      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7367  next AOT_show 𝒜([O!]a  ¬q0)
7368      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7369  next AOT_show ¬Δ([O!]a  ¬q0)
7370    proof(rule act_and_pos_not_not_delta)
7371      AOT_show 𝒜([O!]a  ¬q0)
7372        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7373    next
7374      AOT_have ¬[O!]a
7375        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta
7376              not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
7377      moreover AOT_have q0
7378        by (meson "&E"(1) q0_prop)
7379      ultimately AOT_have 2: (¬[O!]a & q0)
7380         by (metis "KBasic:16" "&I" "vdash-properties:10")
7381      AOT_show ¬([O!]a  ¬q0)
7382      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
7383        AOT_modally_strict {
7384          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
7385            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
7386                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
7387        }
7388      next
7389        AOT_show (¬[O!]a & q0)
7390          using "2" by blast
7391      qed
7392    qed
7393  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7394  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
7395    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7396  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
7397    using "&E" by blast+
7398  note props = props this
7399
7400  AOT_have [L]
7401    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
7402  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
7403  proof (safe intro!: "&I")
7404    AOT_show 𝒜[L]b
7405      by (meson nec_L "nec-imp-act" "vdash-properties:10")
7406    next AOT_show Δ[L]b using nec_L nec_delta by blast
7407    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "→E")
7408    next AOT_show Δ[L]a using nec_L nec_delta by blast
7409  qed
7410  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
7411    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7412  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
7413    using "&E" by blast+
7414  note props = props this
7415
7416  show ?thesis
7417    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1];
7418        rule "∃I"(2)[where β=F2]; rule "∃I"(2)[where β=F3];
7419        rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
7420        rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7];
7421        rule "∃I"(2)[where β=F8]; rule "∃I"(2)[where β=F9];
7422        rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
7423        rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13];
7424        rule "∃I"(2)[where β=F14]; rule "∃I"(2)[where β=F15];
7425        safe intro!: "&I")
7426       (match conclusion in "[?v  [F]  [G]]" for F G  7427        match props in A: "[?v  ¬φ{F}]" for φ 7428        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 7429        match props in B: "[?v  φ{G}]" 7430        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
7431                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
7432                                OF "Disjunction Addition"(2)[THEN "→E"],
7433                                OF "&I", OF A, OF B]››››)+
7434qed
7435
7436subsection‹The Theory of Objects›
7437text‹\label{PLM: 9.11}›
7438
7439AOT_theorem "o-objects-exist:1": x O!x
7440proof(rule RN)
7441  AOT_modally_strict {
7442    AOT_obtain a where (E!a & ¬𝒜[E!]a)
7443      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]]
7444      by blast
7445    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
7446    AOT_have x [E!]x]a
7447    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7448      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
7449    next
7450      AOT_show E!a by (fact 1)
7451    qed
7452    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
7453    AOT_thus x [O!]x by (rule "∃I")
7454  }
7455qed
7456
7457AOT_theorem "o-objects-exist:2": x A!x
7458proof (rule RN)
7459  AOT_modally_strict {
7460    AOT_obtain a where [A!]a
7461      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
7462    AOT_thus x A!x using "∃I" by blast
7463  }
7464qed
7465
7466AOT_theorem "o-objects-exist:3": ¬x O!x
7467  by (rule RN)
7468     (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]"
7469        "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2"
7470        "qml:2"[axiom_inst] "reductio-aa:2")
7471
7472AOT_theorem "o-objects-exist:4": ¬x A!x
7473  by (rule RN)
7474     (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]"
7475        "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2"
7476        "qml:2"[axiom_inst] "→E")
7477
7478AOT_theorem "o-objects-exist:5": ¬x E!x
7479proof (rule RN; rule "raa-cor:2")
7480  AOT_modally_strict {
7481    AOT_assume x E!x
7482    moreover AOT_obtain a where abs: A!a
7483      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]]
7484            "∃E"[rotated] by blast
7485    ultimately AOT_have E!a using "∀E" by blast
7486    AOT_hence 1: E!a by (metis "T◇" "→E")
7487    AOT_have y E!y]a
7488    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7489      AOT_show a using "cqt:2[const_var]"[axiom_inst].
7490    next
7491      AOT_show E!a by (fact 1)
7492    qed
7493    AOT_hence O!a
7494      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
7495    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
7496    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
7497  }
7498qed
7499
7500AOT_theorem partition: ¬x (O!x & A!x)
7501proof(rule "raa-cor:2")
7502  AOT_assume x (O!x & A!x)
7503  then AOT_obtain a where O!a & A!a
7504    using "∃E"[rotated] by blast
7505  AOT_thus p & ¬p for p
7506    by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1)
7507              "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
7508qed
7509
7510AOT_define eq_E :: ‹Π› ("'(=E')")
7511  "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
7512
7513syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
7514translations
7515  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
7516(* TODO: try to replace by a simple translations pattern *)
7517print_translation7518AOT_syntax_print_translations
7519[(const_syntax‹AOT_exe›, fn ctxt => fn [
7520  Const ("constAOT_PLM.eq_E", _),
7521  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7522] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
7523
7524text‹Note: Not explicitly mentioned as theorem in PLM.›
7525AOT_theorem "=E[denotes]": [(=E)]
7526  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
7527
7528AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
7529proof -
7530  (* TODO: rethink the product hacks *)
7531  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
7532    by (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7533  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2"
7534  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
7535    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(_,_)", OF 0]
7536    by fast
7537qed
7538
7539AOT_theorem "=E-simple:2": x =E y  x = y
7540proof (rule "→I")
7541  AOT_assume x =E y
7542  AOT_hence O!x & O!y & F ([F]x  [F]y)
7543    using "=E-simple:1"[THEN "≡E"(1)] by blast
7544  AOT_thus x = y
7545    using "≡dfI"[OF "identity:1"] "∨I" by blast
7546qed
7547
7548AOT_theorem "id-nec3:1": x =E y  (x =E y)
7549proof (rule "≡I"; rule "→I")
7550  AOT_assume x =E y
7551  AOT_hence O!x & O!y & F ([F]x  [F]y)
7552    using "=E-simple:1" "≡E" by blast
7553  AOT_hence O!x & O!y & F ([F]x  [F]y)
7554    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4)
7555              "oa-facts:1" "raa-cor:3" "vdash-properties:10")
7556  AOT_hence (O!x & O!y & F ([F]x  [F]y))
7557    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
7558  AOT_thus (x =E y)
7559    using "=E-simple:1"
7560    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
7561next
7562  AOT_assume (x =E y)
7563  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
7564qed
7565
7566AOT_theorem "id-nec3:2": (x =E y)  x =E y
7567  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1,5) "Commutativity of ≡")
7568
7569AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
7570  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
7571
7572syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
7573translations
7574  (Π) "(≠E)" == (Π) "(=E)-"
7575syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
7576translations
7577 "_AOT_non_eq_E_infix κ κ'" ==
7578 "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
7579(* TODO: try replacing be a simple translations pattern *)
7580print_translation7581AOT_syntax_print_translations
7582[(const_syntax‹AOT_exe›, fn ctxt => fn [
7583  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
7584  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7585] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
7586AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
7587proof -
7588  (* TODO: try to avoid the product hacks *)
7589  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
7590    by (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7591  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2"
7592  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
7593    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
7594       (meson "oth-class-taut:3:a")
7595  also AOT_have   ¬(=E)xy
7596    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
7597     apply "cqt:2[lambda]"
7598    by (fact 0)
7599  finally show ?thesis.
7600qed
7601
7602AOT_theorem "id-nec4:1": x E y  (x E y)
7603proof -
7604  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
7605  also AOT_have   ¬(x =E y)
7606    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
7607  also AOT_have   ¬(x =E y)
7608    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
7609  also AOT_have   (x E y)
7610    by (AOT_subst (reverse) ¬(x =E y) x E y)
7611       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
7612  finally show ?thesis.
7613qed
7614
7615AOT_theorem "id-nec4:2": (x E y)  (x E y)
7616  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2,5) "Commutativity of ≡")
7617
7618AOT_theorem "id-nec4:3": (x E y)  (x E y)
7619  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
7620
7621AOT_theorem "id-act2:1": x =E y  𝒜x =E y
7622  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1,6))
7623AOT_theorem "id-act2:2": x E y  𝒜x E y
7624  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1,6))
7625
7626AOT_theorem "ord=Eequiv:1": O!x  x =E x
7627proof (rule "→I")
7628  AOT_assume 1: O!x
7629  AOT_show x =E x
7630    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
7631    apply (rule "β←C"(1))
7632      apply "cqt:2[lambda]"
7633     apply (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7634    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
7635qed
7636
7637AOT_theorem "ord=Eequiv:2": x =E y  y =E x
7638proof(rule CP)
7639  AOT_assume 1: x =E y
7640  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
7641  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
7642  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
7643  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
7644qed
7645
7646AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
7647proof (rule CP)
7648  AOT_assume 1: x =E y & y =E z
7649  AOT_hence x = y & y = z
7650    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
7651  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
7652  moreover AOT_have x =E x
7653    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1)
7654          "ord=Eequiv:1" "→E" by blast
7655  ultimately AOT_show x =E z
7656    using "rule=E" by fast
7657qed
7658
7659AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
7660proof(rule CP)
7661  AOT_assume O!x  O!y
7662  moreover {
7663    AOT_assume O!x
7664    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
7665    moreover {
7666      AOT_modally_strict {
7667        AOT_have O!x  (x = y  x =E y)
7668        proof (rule "→I"; rule "≡I"; rule "→I")
7669          AOT_assume O!x
7670          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
7671          moreover AOT_assume x = y
7672          ultimately AOT_show x =E y using "rule=E" by fast
7673        next
7674          AOT_assume x =E y
7675          AOT_thus x = y by (metis "=E-simple:2" "→E")
7676        qed
7677      }
7678      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
7679    }
7680    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7681  }
7682  moreover {
7683    AOT_assume O!y
7684    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
7685    moreover {
7686      AOT_modally_strict {
7687        AOT_have O!y  (x = y  x =E y)
7688        proof (rule "→I"; rule "≡I"; rule "→I")
7689          AOT_assume O!y
7690          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
7691          moreover AOT_assume x = y
7692          ultimately AOT_show x =E y using "rule=E" id_sym by fast
7693        next
7694          AOT_assume x =E y
7695          AOT_thus x = y by (metis "=E-simple:2" "→E")
7696        qed
7697      }
7698      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
7699    }
7700    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7701  }
7702  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
7703qed
7704
7705AOT_theorem "ord-=E=:2": O!y  x x = y]
7706proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
7707  AOT_show x x =E y] by "cqt:2[lambda]"
7708next
7709  AOT_assume O!y
7710  AOT_hence 1: (x = y  x =E y) for x
7711    using "ord-=E=:1" "→E" "∨I" by blast
7712  AOT_have (x =E y  x = y) for x
7713    by (AOT_subst x =E y  x = y x = y  x =E y)
7714       (auto simp add: "Commutativity of ≡" 1)
7715  AOT_hence x (x =E y  x = y) by (rule GEN)
7716  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
7717qed
7718
7719
7720AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
7721proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
7722  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
7723next
7724  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
7725  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
7726    AOT_modally_strict {
7727      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
7728        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
7729                  "modus-tollens:1" "raa-cor:1" that)
7730    }
7731  next
7732    AOT_modally_strict {
7733      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
7734        apply(safe intro!: "&I")
7735          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
7736         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
7737        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
7738              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]]
7739        by fast
7740    }
7741  qed
7742qed
7743
7744AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
7745proof(rule "→I")
7746  AOT_assume F ([F]x  [F]y)
7747  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
7748  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
7749    using "∀E" by blast
7750  moreover AOT_have x F ([F]x  [F]y)]y
7751    apply (rule "β←C"(1))
7752      apply "cqt:2[lambda]"
7753     apply (fact "cqt:2[const_var]"[axiom_inst])
7754    by (simp add: RN GEN "oth-class-taut:3:a")
7755  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
7756  AOT_thus F ([F]x  [F]y)
7757    using "β→C"(1) by blast
7758qed
7759
7760AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
7761proof (rule "→I"; rule "→I")
7762  AOT_assume F ([F]x  [F]y)
7763  AOT_hence F ([F]x  [F]y)
7764    using "ind-nec"[THEN "→E"] by blast
7765  moreover AOT_assume O!x & O!y
7766  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
7767    using "&I" by blast
7768  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
7769qed
7770
7771AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
7772proof (rule "→I"; rule "→I")
7773  AOT_assume O!x & O!y
7774  moreover AOT_assume F ([F]x  [F]y)
7775  ultimately AOT_have x =E y
7776    using "ord=E:1" "→E" by blast
7777  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
7778qed
7779
7780AOT_theorem "ord=E2:1":
7781  (O!x & O!y)  (x  y  z z =E x]  z z =E y])
7782proof (rule "→I"; rule "≡I"; rule "→I";
7783       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7784  AOT_assume 0: O!x & O!y
7785  AOT_assume x  y
7786  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7787  AOT_assume z z =E x] = z z =E y]
7788  moreover AOT_have z z =E x]x
7789    apply (rule "β←C"(1))
7790      apply "cqt:2[lambda]"
7791     apply (fact "cqt:2[const_var]"[axiom_inst])
7792    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
7793  ultimately AOT_have z z =E y]x using "rule=E" by fast
7794  AOT_hence x =E y using "β→C"(1) by blast
7795  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
7796  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7797next
7798  AOT_assume z z =E x]  z z =E y]
7799  AOT_hence 0: ¬(z z =E x] = z z =E y])
7800    using "≡dfE"[OF "=-infix"] by blast
7801  AOT_have z z =E x] by "cqt:2[lambda]"
7802  AOT_hence z z =E x] = z z =E x]
7803    by (metis "rule=I:1")
7804  moreover AOT_assume x = y
7805  ultimately AOT_have z z =E x] = z z =E y]
7806    using "rule=E" by fast
7807  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
7808    using 0 "&I" by blast
7809qed
7810
7811AOT_theorem "ord=E2:2":
7812  (O!x & O!y)  (x  y  z z = x]  z z = y])
7813proof (rule "→I"; rule "≡I"; rule "→I";
7814       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7815  AOT_assume 0: O!x & O!y
7816  AOT_assume x  y
7817  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7818  AOT_assume z z = x] = z z = y]
7819  moreover AOT_have z z = x]x
7820    apply (rule "β←C"(1))
7821    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7822     apply (fact "cqt:2[const_var]"[axiom_inst])
7823    by (simp add: "id-eq:1")
7824  ultimately AOT_have z z = y]x using "rule=E" by fast
7825  AOT_hence x = y using "β→C"(1) by blast
7826  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7827next
7828  AOT_assume 0: O!x & O!y
7829  AOT_assume z z = x]  z z = y]
7830  AOT_hence 1: ¬(z z = x] = z z = y])
7831    using "≡dfE"[OF "=-infix"] by blast
7832  AOT_have z z = x]
7833    by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7834  AOT_hence z z = x] = z z = x]
7835    by (metis "rule=I:1")
7836  moreover AOT_assume x = y
7837  ultimately AOT_have z z = x] = z z = y]
7838    using "rule=E" by fast
7839  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
7840    using 1 "&I" by blast
7841qed
7842
7843AOT_theorem ordnecfail: O!x  ¬F x[F]
7844  by (meson "RM:1" "→I" nocoder[axiom_inst] "oa-facts:1" "→E")
7845
7846AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
7847proof (rule "→I"; rule "→I")
7848  AOT_assume 1: A!x & A!y
7849  AOT_assume F (x[F]  y[F])
7850  AOT_hence x[F]  y[F] for F using "∀E" by blast
7851  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
7852  AOT_hence F (x[F]  y[F]) by (rule GEN)
7853  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
7854  AOT_thus x = y
7855    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
7856qed
7857
7858AOT_theorem "ab-obey:2":
7859  (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
7860proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7861  AOT_assume 1: x = y
7862  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
7863  moreover {
7864    AOT_assume F (x[F] & ¬y[F])
7865    then AOT_obtain F where x[F] & ¬y[F]
7866      using "∃E"[rotated] by blast
7867    moreover AOT_have y[F]
7868      using calculation[THEN "&E"(1)] 1 "rule=E" by fast
7869    ultimately AOT_have p & ¬p for p
7870      by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
7871  }
7872  moreover {
7873    AOT_assume F (y[F] & ¬x[F])
7874    then AOT_obtain F where y[F] & ¬x[F]
7875      using "∃E"[rotated] by blast
7876    moreover AOT_have ¬y[F]
7877      using calculation[THEN "&E"(2)] 1 "rule=E" by fast
7878    ultimately AOT_have p & ¬p for p
7879      by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
7880  }
7881  ultimately AOT_show p & ¬p for p
7882    by (metis "∨E"(3) "raa-cor:1")
7883qed
7884
7885AOT_theorem "encoders-are-abstract": F x[F]  A!x
7886  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
7887            "oa-contingent:3" "vdash-properties:1[2]")
7888
7889AOT_theorem "denote=:1": Hx x[H]
7890  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; "cqt:2")
7891
7892AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
7893  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; "cqt:2")
7894
7895AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
7896  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; "cqt:2")
7897
7898AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
7899  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; "cqt:2")
7900
7901AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
7902  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; "cqt:2")
7903
7904AOT_theorem "denote=:3": x x[Π]  H (H = Π)
7905  using "existence:2[1]" "free-thms:1" "≡E"(2,5)
7906        "Commutativity of ≡" "≡Df" by blast
7907
7908AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
7909  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
7910
7911AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
7912  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
7913
7914AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
7915  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
7916
7917AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
7918  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
7919
7920AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
7921proof (rule "uniqueness:1"[THEN "≡dfI"])
7922  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
7923    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
7924  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
7925  proof (rule "→I")
7926    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
7927    AOT_hence β[F]  φ{F} for F
7928      using "∀E" "&E" by blast
7929    AOT_hence β[F]  a[F] for F
7930      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2,5)
7931            "Commutativity of ≡" by fast
7932    AOT_hence F (β[F]  a[F]) by (rule GEN)
7933    AOT_thus β = a
7934      using "ab-obey:1"[THEN "→E",
7935                OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]],
7936                THEN "→E"] by blast
7937  qed
7938  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
7939  AOT_thus α ([A!]α & F (α[F]  φ{F}) &
7940                β ([A!]β & F (β[F]  φ{F})  β = α))
7941    using "∃I" using a_prop "&I" by fast
7942qed
7943
7944AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
7945  using "A-objects!" by fast
7946
7947AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
7948  using "A-objects!" by fast
7949
7950AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
7951  using "A-objects!" by fast
7952
7953AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
7954  using "A-objects!" by fast
7955
7956AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
7957  using "A-objects!" by fast
7958
7959AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
7960  using "A-objects!" by fast
7961
7962AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
7963  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
7964
7965AOT_act_theorem "thm-can-terms2":
7966  y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
7967  using "y-in:2" by blast
7968
7969AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
7970proof(rule "→I")
7971  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
7972  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
7973    using "actual-desc:2"[THEN "→E"] by blast
7974  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
7975  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
7976qed
7977
7978AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7979proof -
7980  AOT_have ιx(A!x & F (x[F]  φ{F}))
7981    by (simp add: "A-descriptions")
7982  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) &
7983             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7984    using "y-in:3"[THEN "→E"] by blast
7985  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7986    using "&E" "∀E" by blast
7987qed
7988
7989AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
7990  using "desc-encode:1".
7991
7992AOT_theorem "desc-nec-encode:1":
7993  ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
7994proof -
7995  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
7996    by (simp add: "A-descriptions")
7997  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) &
7998             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
7999    using "actual-desc:4"[THEN "→E"] by blast
8000  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8001    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
8002  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8003    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
8004  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8005    using "∀E" by blast
8006  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8007    using "Act-Basic:5" "≡E"(1) by blast
8008  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8009    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
8010qed
8011
8012AOT_theorem "desc-nec-encode:2":
8013  ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
8014  using "desc-nec-encode:1".
8015
8016AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
8017  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
8018     (meson "nec-imp-act" "vdash-properties:10")
8019
8020AOT_theorem "Box-desc-encode:2":
8021φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8022proof(rule CP)
8023  AOT_assume φ{G}
8024  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
8025  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8026  proof (rule RM; rule "→I")
8027    AOT_modally_strict {
8028      AOT_assume 1: φ{G}
8029      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G]
8030        using "Box-desc-encode:1" "→E" by blast
8031      moreover AOT_have φ{G}
8032        using 1 by (meson "qml:2"[axiom_inst] "→E")
8033      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
8034        using "→I" "≡I" by simp
8035    }
8036  qed
8037  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8038    using "→E" by blast
8039qed
8040
8041definition rigid_condition where
8042  rigid_condition φ  v . [v  α (φ{α}  φ{α})]
8043syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
8044
8045AOT_theorem "strict-can:1[E]":
8046  assumes RIGID_CONDITION(φ)
8047  shows α (φ{α}  φ{α})
8048  using assms[unfolded rigid_condition_def] by auto
8049
8050AOT_theorem "strict-can:1[I]":
8051  assumes  α (φ{α}  φ{α})
8052  shows RIGID_CONDITION(φ)
8053  using assms rigid_condition_def by auto
8054
8055AOT_theorem "box-phi-a:1":
8056  assumes RIGID_CONDITION(φ)
8057  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
8058proof (rule "→I")
8059  AOT_assume a: A!x & F (x[F]  φ{F})
8060  AOT_hence b: A!x
8061    by (metis "Conjunction Simplification"(1) "oa-facts:2" "→E")
8062  AOT_have x[F]  φ{F} for F
8063    using a[THEN "&E"(2)] "∀E" by blast
8064  moreover AOT_have (x[F]  x[F]) for F
8065    by (meson "pre-en-eq:1[1]" RN)
8066  moreover AOT_have (φ{F}  φ{F}) for F
8067    using RN "strict-can:1[E]"[OF assms] "∀E" by blast
8068  ultimately AOT_have (x[F]  φ{F}) for F
8069    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
8070  AOT_hence F (x[F]  φ{F}) by (rule GEN)
8071  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
8072  AOT_thus ([A!]x & F (x[F]  φ{F}))
8073    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
8074qed
8075
8076AOT_theorem "box-phi-a:2":
8077  assumes RIGID_CONDITION(φ)
8078  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
8079proof(rule "→I")
8080  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
8081  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
8082    using "actual-desc:2"[THEN "→E"] by fast
8083  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
8084    using "Act-Basic:2" "&E" "≡E"(1) by blast+
8085  AOT_hence F 𝒜(y[F]  φ{F})
8086    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8087  AOT_hence 𝒜(y[F]  φ{F}) for F
8088    using "∀E" by blast
8089  AOT_hence 𝒜y[F]  𝒜φ{F} for F
8090    by (metis "Act-Basic:5" "≡E"(1)) 
8091  AOT_hence y[F]  φ{F} for F
8092    using "sc-eq-fur:2"[THEN "→E",
8093            OF "strict-can:1[E]"[OF assms,
8094                THEN "∀E"(2)[where β=F], THEN RN]]
8095    by (metis "en-eq:10[1]" "≡E"(6))
8096  AOT_hence F (y[F]  φ{F}) by (rule GEN)
8097  AOT_thus [A!]y & F (y[F]  φ{F})
8098    using abs "&I" "≡E"(2) "oa-facts:8" by blast
8099qed
8100
8101AOT_theorem "box-phi-a:3":
8102  assumes RIGID_CONDITION(φ)
8103  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8104  using "desc-nec-encode:2"
8105    "sc-eq-fur:2"[THEN "→E",
8106        OF "strict-can:1[E]"[OF assms,
8107          THEN "∀E"(2)[where β=F], THEN RN]]
8108    "≡E"(5) by blast
8109
8110AOT_define Null :: ‹τ  φ› ("Null'(_')") 
8111  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
8112
8113AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
8114  "df-null-uni:2": Universal(x) df A!x & F x[F]
8115
8116AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
8117proof (rule "uniqueness:1"[THEN "≡dfI"])
8118  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
8119    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8120  AOT_have a_null: ¬a[F] for F
8121  proof (rule "raa-cor:2")
8122    AOT_assume a[F]
8123    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
8124    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
8125    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
8126  qed
8127  AOT_have Null(a) & β (Null(β)  β = a)
8128  proof (rule "&I")
8129    AOT_have ¬F a[F]
8130      using a_null by (metis "instantiation" "reductio-aa:1")
8131    AOT_thus Null(a)
8132      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
8133  next
8134    AOT_show β (Null(β)  β = a)
8135    proof (rule GEN; rule "→I")
8136      fix β
8137      AOT_assume a: Null(β)
8138      AOT_hence ¬F β[F]
8139        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8140      AOT_hence β_null: ¬β[F] for F
8141        by (metis "existential:2[const_var]" "reductio-aa:1")
8142      AOT_have F (β[F]  a[F])
8143        apply (rule GEN; rule "≡I"; rule CP)
8144        using "raa-cor:3" β_null a_null by blast+
8145      moreover AOT_have A!β
8146        using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8147      ultimately AOT_show β = a
8148        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8149              "&I" by blast
8150    qed
8151  qed
8152  AOT_thus α (Null(α) & β (Null(β)  β = α))
8153    using "∃I"(2) by fast
8154qed
8155
8156AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
8157proof (rule "uniqueness:1"[THEN "≡dfI"])
8158  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
8159    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8160  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
8161  AOT_hence Universal(a)
8162    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
8163  moreover AOT_have β (Universal(β)  β = a)
8164  proof (rule GEN; rule "→I")
8165    fix β
8166    AOT_assume Universal(β)
8167    AOT_hence abs_β: A!β and β[F] for F
8168      using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
8169    AOT_hence β[F]  a[F] for F
8170      using aF by (metis "deduction-theorem" "≡I")
8171    AOT_hence F (β[F]  a[F]) by (rule GEN)
8172    AOT_thus β = a
8173      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8174            "&I" abs_β by blast
8175  qed
8176  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
8177    using "&I" "∃I" by fast
8178qed
8179
8180AOT_theorem "null-uni-uniq:3": ιx Null(x)
8181  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
8182
8183AOT_theorem "null-uni-uniq:4": ιx Universal(x)
8184  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
8185
8186AOT_define Null_object :: ‹κs (a)
8187  "df-null-uni-terms:1": a =df ιx Null(x)
8188
8189AOT_define Universal_object :: ‹κs (aV)
8190  "df-null-uni-terms:2": aV =df ιx Universal(x)
8191
8192AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
8193proof (rule "→I")
8194  AOT_assume Null(x)
8195  AOT_hence x_abs: A!x and x_null: ¬F x[F]
8196    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
8197  AOT_have ¬x[F] for F using x_null
8198    using "existential:2[const_var]" "reductio-aa:1"
8199    by metis
8200  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
8201  AOT_hence F ¬x[F] by (rule GEN)
8202  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
8203  moreover AOT_have F ¬x[F]  ¬F x[F]
8204    apply (rule RM)
8205    by (metis (full_types) "instantiation" "cqt:2[const_var]"[axiom_inst]
8206                           "→I" "reductio-aa:1" "rule-ui:1")
8207  ultimately AOT_have ¬F x[F]
8208    by (metis "→E")
8209  moreover AOT_have A!x using x_abs
8210    using "oa-facts:2" "vdash-properties:10" by blast
8211  ultimately AOT_have r: (A!x & ¬F x[F])
8212    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8213  AOT_show Null(x)
8214    by (AOT_subst Null(x) A!x & ¬F x[F])
8215       (auto simp: "df-null-uni:1" "≡Df" r)
8216qed  
8217
8218AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
8219proof (rule "→I")
8220  AOT_assume Universal(x)
8221  AOT_hence x_abs: A!x and x_univ: F x[F]
8222    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
8223  AOT_have x[F] for F using x_univ "∀E" by blast
8224  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
8225  AOT_hence F x[F] by (rule GEN)
8226  AOT_hence F x[F] by (rule BF[THEN "→E"])
8227  moreover AOT_have A!x using x_abs
8228    using "oa-facts:2" "vdash-properties:10" by blast
8229  ultimately AOT_have r: (A!x & F x[F])
8230    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8231  AOT_show Universal(x)
8232    by (AOT_subst Universal(x) A!x & F x[F])
8233       (auto simp add: "df-null-uni:2" "≡Df" r)
8234qed
8235
8236AOT_theorem "null-uni-facts:3": Null(a)
8237  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
8238   apply (simp add: "null-uni-uniq:3")
8239  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
8240    "sc-eq-fur:2"[THEN "→E",
8241        OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"],
8242        THEN "≡E"(1)]
8243  by blast
8244
8245AOT_theorem "null-uni-facts:4": Universal(aV)
8246  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
8247   apply (simp add: "null-uni-uniq:4")
8248  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
8249    "sc-eq-fur:2"[THEN "→E",
8250        OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"],
8251        THEN "≡E"(1)]
8252  by blast
8253
8254AOT_theorem "null-uni-facts:5": a  aV
8255proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8256    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8257    rule "≡dfI"[OF "=-infix"];
8258    rule "raa-cor:2")
8259  AOT_obtain x where nullx: Null(x)
8260    by (metis "instantiation" "df-null-uni-terms:1" "existential:1"
8261              "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:b[zero]")
8262  AOT_hence act_null: 𝒜Null(x)
8263    by (metis "nec-imp-act" "null-uni-facts:1" "→E")
8264  AOT_assume ιx Null(x) = ιx Universal(x)
8265  AOT_hence 𝒜x(Null(x)  Universal(x))
8266    using "actual-desc:5"[THEN "→E"] by blast
8267  AOT_hence x 𝒜(Null(x)  Universal(x))
8268    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8269  AOT_hence 𝒜Null(x)  𝒜Universal(x)
8270    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
8271  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
8272  AOT_hence Universal(x)
8273    by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "→E")
8274  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
8275  moreover AOT_have ¬F x[F]
8276    using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
8277  ultimately AOT_show p & ¬p for p
8278    by (metis "cqt-further:1" "raa-cor:3" "→E")
8279qed
8280
8281AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
8282proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8283  AOT_show ιx([A!]x & F (x[F]  F  F))
8284    by (simp add: "A-descriptions")
8285next
8286  AOT_show a
8287    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8288       (simp add: "null-uni-uniq:3")
8289next
8290  AOT_have ιx([A!]x & F (x[F]  F  F))
8291    by (simp add: "A-descriptions")
8292  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
8293    using "rule=I:1" by blast
8294  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
8295    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8296           rule "&I")
8297     apply (meson "≡dfE" "Conjunction Simplification"(1)
8298                  "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8299                  "null-uni-uniq:3" "rule-id-df:2:a[zero]" "→E")
8300    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8301next
8302  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
8303  proof (rule GEN)
8304    fix F
8305    AOT_have ¬a[F]
8306      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8307         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3) "∃I"(2)
8308                "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8309                "raa-cor:2" "rule-id-df:2:a[zero]"
8310                "russell-axiom[enc,1].ψ_denotes_asm")
8311    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
8312    proof(rule "raa-cor:2")
8313      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
8314      AOT_hence 𝒜(F  F)
8315        using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
8316      moreover AOT_have ¬𝒜(F  F)
8317        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2)
8318              "=-infix" "raa-cor:3" by blast
8319      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
8320    qed
8321    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
8322      using "deduction-theorem" "≡I" "raa-cor:4" by blast
8323  qed
8324qed
8325
8326AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
8327proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8328  AOT_show ιx([A!]x & F (x[F]  F = F))
8329    by (simp add: "A-descriptions")
8330next
8331  AOT_show aV
8332    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8333       (simp add: "null-uni-uniq:4")
8334next
8335  AOT_have ιx([A!]x & F (x[F]  F = F))
8336    by (simp add: "A-descriptions")
8337  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
8338    using "rule=I:1" by blast
8339  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
8340    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8341           rule "&I")
8342     apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2"
8343                  "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4"
8344                  "rule-id-df:2:a[zero]" "→E")
8345    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8346next
8347  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
8348  proof (rule GEN)
8349    fix F
8350    AOT_have aV[F]
8351      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8352      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2"
8353            "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]"
8354            "rule-ui:3" by blast
8355    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
8356      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
8357    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
8358      using "deduction-theorem" "≡I" by simp
8359  qed
8360qed
8361
8362AOT_theorem "aclassical:1":
8363Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
8364proof(rule GEN)
8365  fix R
8366  AOT_obtain a where a_prop:
8367    A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
8368    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8369  AOT_have a_enc: az [R]za]
8370  proof (rule "raa-cor:1")
8371    AOT_assume 0: ¬az [R]za]
8372    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8373      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
8374                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8375                THEN "≡E"(1), rotated])
8376         "cqt:2[lambda]"
8377    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8378      using "cqt-further:4" "vdash-properties:10" by blast
8379    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za])
8380      using "∀E" by blast
8381    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
8382      by (metis "&I" "deduction-theorem" "raa-cor:3")
8383    moreover AOT_have z [R]za] = z [R]za]
8384      by (rule "=I") "cqt:2[lambda]"
8385    ultimately AOT_have az [R]za]
8386      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8387    AOT_thus az [R]za] & ¬az [R]za]
8388      using 0 "&I" by blast
8389  qed
8390  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8391    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8392       "cqt:2"
8393  then AOT_obtain b where b_prop:
8394    A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
8395    using "∃E"[rotated] by blast
8396  AOT_have a  b
8397    apply (rule "≡dfI"[OF "=-infix"])
8398    using a_enc b_prop[THEN "&E"(2)]
8399    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8400          "raa-cor:3" "reductio-aa:1" by fast
8401  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
8402    using b_prop "&E" a_prop "&I" by meson
8403  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
8404  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
8405qed
8406
8407AOT_theorem "aclassical:2":
8408  Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
8409proof(rule GEN)
8410  fix R
8411  AOT_obtain a where a_prop:
8412    A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
8413    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8414  AOT_have a_enc: az [R]az]
8415  proof (rule "raa-cor:1")
8416    AOT_assume 0: ¬az [R]az]
8417    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8418      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
8419                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8420                THEN "≡E"(1), rotated])
8421         "cqt:2[lambda]"
8422    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8423      using "cqt-further:4" "vdash-properties:10" by blast
8424    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az])
8425      using "∀E" by blast
8426    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
8427      by (metis "&I" "deduction-theorem" "raa-cor:3")
8428    moreover AOT_have z [R]az] = z [R]az]
8429      by (rule "=I") "cqt:2[lambda]"
8430    ultimately AOT_have az [R]az]
8431      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8432    AOT_thus az [R]az] & ¬az [R]az]
8433      using 0 "&I" by blast
8434  qed
8435  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8436    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8437       "cqt:2"
8438  then AOT_obtain b where b_prop:
8439    A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
8440    using "∃E"[rotated] by blast
8441  AOT_have a  b
8442    apply (rule "≡dfI"[OF "=-infix"])
8443    using a_enc b_prop[THEN "&E"(2)]
8444    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8445          "raa-cor:3" "reductio-aa:1" by fast
8446  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
8447    using b_prop "&E" a_prop "&I" by meson
8448  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
8449  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
8450qed
8451
8452AOT_theorem "aclassical:3":
8453  Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
8454proof(rule GEN)
8455  fix R
8456  AOT_obtain a where a_prop:
8457    A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
8458    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8459  AOT_have z [R]a] by "cqt:2[lambda]"
8460  (* TODO: S should no longer be necessary *)
8461  then AOT_obtain S where S_def: S = z [R]a]
8462    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
8463  AOT_have a_enc: a[S]
8464  proof (rule "raa-cor:1")
8465    AOT_assume 0: ¬a[S]
8466    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
8467      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
8468                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8469                THEN "≡E"(1), rotated]) 
8470    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
8471      using "cqt-further:4" "vdash-properties:10" by blast
8472    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
8473    AOT_hence (A!a & S = z [R]a])  a[S]
8474      by (metis "&I" "deduction-theorem" "raa-cor:3")
8475    moreover AOT_have S = z [R]a] using S_def .
8476    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8477    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
8478  qed
8479  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
8480    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
8481  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
8482    using "∃E"[rotated] by blast
8483  AOT_have 1: a  b
8484    apply (rule "≡dfI"[OF "=-infix"])
8485    using a_enc b_prop[THEN "&E"(2)]
8486    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8487          "raa-cor:3" "reductio-aa:1" by fast
8488  AOT_have a:  [R]a] = ([R]a)
8489    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8490    by (meson "log-prop-prop:2")
8491  AOT_have b:  [R]b] = ([R]b)
8492    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8493    by (meson "log-prop-prop:2")
8494  AOT_have  [R]a] =  [R]b]
8495    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
8496    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
8497    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
8498     apply (rule "rule=E"[rotated, OF S_def])
8499    using b_prop "&E" apply blast
8500    apply (safe intro!: "&I")
8501    by (simp add: "log-prop-prop:2")+
8502  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
8503    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)]
8504          "&I" by auto
8505  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
8506  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
8507qed
8508
8509AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
8510proof -
8511  AOT_have x y ([A!]x & [A!]y & x  y &
8512               z xy F ([F]x  [F]y)]zx] =
8513               z xy F ([F]x  [F]y)]zy])
8514    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
8515       "cqt:2"
8516  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
8517               z xy F ([F]x  [F]y)]zx] =
8518               z xy F ([F]x  [F]y)]zy])
8519    using "∃E"[rotated] by blast
8520  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
8521               z xy F ([F]x  [F]y)]zx] =
8522               z xy F ([F]x  [F]y)]zy])
8523    using "∃E"[rotated] by blast
8524  AOT_have z xy F ([F]x  [F]y)]zx]x
8525    by (auto intro!: "β←C"(1) "cqt:2";
8526        simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3"
8527                  "oth-class-taut:3:a" "universal-cor")
8528  AOT_hence z xy F ([F]x  [F]y)]zy]x
8529    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
8530  AOT_hence xy F ([F]x  [F]y)]xy
8531    by (rule "β→C"(1))
8532  AOT_hence F ([F]x  [F]y)
8533    using "β→C"(1) old.prod.case by fast
8534  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y)
8535    using 0 "&E" "&I" by blast
8536  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
8537  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
8538qed
8539
8540AOT_theorem "kirchner-thm:1":
8541  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8542proof(rule "≡I"; rule "→I")
8543  AOT_assume x φ{x}]
8544  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
8545  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8546  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8547    AOT_modally_strict {
8548      fix x y
8549      AOT_assume 0: x φ{x}]
8550      moreover AOT_assume F([F]x  [F]y)
8551      ultimately AOT_have x φ{x}]x  x φ{x}]y
8552        using "∀E" by blast
8553      AOT_thus (φ{x}  φ{y})
8554        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8555    }
8556  qed
8557  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8558    using "→E" by blast
8559next
8560  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y})) 
8561            y(x(F([F]x  [F]y) & φ{x})  φ{y})
8562  proof(rule "RM:1"; rule "→I"; rule GEN)
8563    AOT_modally_strict {
8564      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8565      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
8566        using "∀E"(2) "→E" that by blast
8567      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
8568      proof (rule "raa-cor:1")
8569        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
8570        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y}) 
8571                   (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8572          using "≡E"(1) "oth-class-taut:4:h" by blast
8573        moreover {
8574          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
8575          AOT_obtain a where F([F]a  [F]y) & φ{a}
8576            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8577          AOT_hence φ{y}
8578            using indisc[THEN "≡E"(1)] "&E" by blast
8579          AOT_hence p & ¬p for p
8580            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8581        }
8582        moreover {
8583          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8584          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
8585            using "&E"(1) "cqt-further:4" "→E" by blast
8586          AOT_hence ¬(F([F]y  [F]y) & φ{y})
8587            using "∀E" by blast
8588          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
8589            using "≡E"(1) "oth-class-taut:5:c" by blast
8590          moreover AOT_have F([F]y  [F]y)
8591            by (simp add: "oth-class-taut:3:a" "universal-cor")
8592          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
8593          AOT_hence p & ¬p for p
8594            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8595        }
8596        ultimately AOT_show p & ¬p for p
8597          using "∨E"(3) "raa-cor:1" by blast
8598      qed
8599    }
8600  qed
8601  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8602  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
8603    using "→E" by blast
8604  AOT_thus x φ{x}]
8605    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8606qed
8607
8608AOT_theorem "kirchner-thm:2":
8609  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8610    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8611proof(rule "≡I"; rule "→I")
8612  AOT_assume x1...xn φ{x1...xn}]
8613  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "→E")
8614  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8615    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8616  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8617    AOT_modally_strict {
8618      fix x1xn y1yn :: 'a AOT_var›
8619      AOT_assume 0: x1...xn φ{x1...xn}]
8620      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8621      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn 
8622                           x1...xn φ{x1...xn}]y1...yn
8623        using "∀E" by blast
8624      AOT_thus (φ{x1...xn}  φ{y1...yn})
8625        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8626    }
8627  qed
8628  ultimately AOT_show x1...∀xny1...∀yn(
8629    F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8630  )
8631    using "→E" by blast
8632next
8633  AOT_have 8634    (x1...∀xny1...∀yn
8635      (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})))
8636     y1...∀yn
8637        ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8638         φ{y1...yn})
8639  proof(rule "RM:1"; rule "→I"; rule GEN)
8640    AOT_modally_strict {
8641      AOT_assume x1...∀xny1...∀yn
8642        (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8643      AOT_hence indisc: φ{x1...xn}  φ{y1...yn}
8644        if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
8645        using "∀E"(2) "→E" that by blast
8646      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8647                φ{y1...yn} for y1yn
8648      proof (rule "raa-cor:1")
8649        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8650                    φ{y1...yn})
8651        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn)
8652                    & φ{x1...xn}))
8653                    & ¬φ{y1...yn}) 
8654                  (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8655                   & φ{y1...yn})
8656          using "≡E"(1) "oth-class-taut:4:h" by blast
8657        moreover {
8658          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8659                         & ¬φ{y1...yn}
8660          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
8661            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8662          AOT_hence φ{y1...yn}
8663            using indisc[THEN "≡E"(1)] "&E" by blast
8664          AOT_hence p & ¬p for p
8665            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8666        }
8667        moreover {
8668          AOT_assume 0: ¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8669                         & φ{y1...yn}
8670          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
8671            using "&E"(1) "cqt-further:4" "→E" by blast
8672          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn})
8673            using "∀E" by blast
8674          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
8675            using "≡E"(1) "oth-class-taut:5:c" by blast
8676          moreover AOT_have F([F]y1...yn  [F]y1...yn)
8677            by (simp add: "oth-class-taut:3:a" "universal-cor")
8678          ultimately AOT_have ¬φ{y1...yn}
8679            by (metis "¬¬I" "∨E"(2))
8680          AOT_hence p & ¬p for p
8681            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8682        }
8683        ultimately AOT_show p & ¬p for p
8684          using "∨E"(3) "raa-cor:1" by blast
8685      qed
8686    }
8687  qed
8688  moreover AOT_assume x1...∀xny1...∀yn
8689    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8690  ultimately AOT_have y1...∀yn
8691    ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8692     φ{y1...yn})
8693    using "→E" by blast
8694  AOT_thus x1...xn φ{x1...xn}]
8695    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8696qed
8697
8698AOT_theorem "kirchner-thm-cor:1":
8699  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8700proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8701  fix x y
8702  AOT_assume x φ{x}]
8703  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8704    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
8705  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8706    using CBF[THEN "→E"] by blast
8707  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8708    using "∀E" by blast
8709  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8710    using CBF[THEN "→E"] by blast
8711  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
8712    using "∀E" by blast
8713  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
8714    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8715  moreover AOT_assume F([F]x  [F]y)
8716  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
8717qed
8718
8719AOT_theorem "kirchner-thm-cor:2":
8720  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8721    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8722proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8723  fix x1xn y1yn
8724  AOT_assume x1...xn φ{x1...xn}]
8725  AOT_hence 0: x1...∀xny1...∀yn
8726    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8727    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
8728  AOT_have x1...∀xny1...∀yn
8729    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8730  proof(rule GEN; rule GEN)
8731    fix x1xn y1yn
8732    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8733      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
8734      using "∀E" by blast
8735  qed
8736  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn) 
8737                         (φ{x1...xn}  φ{y1...yn}))
8738    using "∀E" by blast
8739  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8740    using "∀E" by blast
8741  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8742    using "∀E" by blast
8743  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8744    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8745  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8746  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2"
8747  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn 
8748                       x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8749    using "∀E" by blast
8750  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8751    apply (rule "β←C"(1))
8752      apply "cqt:2[lambda]"
8753     apply (fact "cqt:2[const_var]"[axiom_inst])
8754    by (simp add: RN GEN "oth-class-taut:3:a")
8755  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn
8756    using "≡E"(2) by blast
8757  AOT_hence F ([F]x1...xn  [F]y1...yn)
8758    using "β→C"(1) by blast
8759  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
8760qed
8761
8762subsection‹Propositional Properties›
8763text‹\label{PLM: 9.12}›
8764
8765AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
8766  "prop-prop1": Propositional([F]) df p(F = y p])
8767
8768AOT_theorem "prop-prop2:1": p y p]
8769  by (rule GEN) "cqt:2[lambda]"
8770
8771AOT_theorem "prop-prop2:2": ν φ]
8772  by "cqt:2[lambda]"
8773
8774AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
8775proof (rule "→I")
8776  AOT_assume 0: F = y p]
8777  AOT_show x([F]x  p)
8778    by (rule "rule=E"[rotated, OF 0[symmetric]];
8779        rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
8780      "cqt:2[lambda]"
8781qed
8782
8783AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
8784proof(rule "→I")
8785  AOT_assume Propositional([F])
8786  AOT_hence p(F = y p])
8787    using "≡dfE"[OF "prop-prop1"] by blast
8788  then AOT_obtain p where F = y p]
8789    using "∃E"[rotated] by blast
8790  AOT_hence (F = y p])
8791    using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
8792  AOT_hence p (F = y p])
8793    using "∃I" by fast
8794  AOT_hence 0: p (F = y p])
8795    by (metis Buridan "vdash-properties:10")
8796  AOT_thus Propositional([F])
8797    using "prop-prop1"[THEN "≡Df"]
8798    by (AOT_subst Propositional([F]) p (F = y p])) auto
8799qed
8800
8801AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
8802  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
8803
8804AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
8805proof(rule "→I")
8806  AOT_assume Propositional([Π])
8807  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
8808  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
8809  AOT_show Indiscriminate([Π])
8810  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8811    AOT_show Π
8812      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
8813  next
8814    AOT_show (x [Π]x  x [Π]x)
8815    proof (rule "rule=E"[rotated, OF Π_def[symmetric]];
8816           rule RN; rule "→I"; rule GEN)
8817      AOT_modally_strict {
8818        AOT_assume x y p]x
8819        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
8820        AOT_hence 0: p by (metis "β→C"(1))
8821        AOT_show y p]x for x
8822          apply (rule "β←C"(1))
8823            apply "cqt:2[lambda]"
8824           apply (fact "cqt:2[const_var]"[axiom_inst])
8825          by (fact 0)
8826      }
8827    qed
8828  qed
8829qed
8830
8831AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
8832proof (rule "→I")
8833  AOT_assume Necessary([F])
8834  AOT_hence 0: x1...∀xn [F]x1...xn
8835    using "≡dfE"[OF "contingent-properties:1"] by blast
8836  AOT_show Indiscriminate([F])
8837    by (rule "≡dfI"[OF "prop-indis"])
8838       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "→E") 
8839qed
8840
8841AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
8842proof (rule "→I")
8843  AOT_modally_strict {
8844    AOT_have x ¬[F]x  (x [F]x  x [F]x)
8845      by (metis "∃E" "cqt-orig:3" "Hypothetical Syllogism" "→I" "raa-cor:3")
8846  }
8847  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
8848    by (rule "RM:1")
8849  AOT_assume Impossible([F])
8850  AOT_hence x ¬[F]x
8851    using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
8852  AOT_hence 1: (x [F]x  x [F]x)
8853    using 0 "→E" by blast
8854  AOT_show Indiscriminate([F])
8855    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8856       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
8857qed
8858
8859AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
8860proof(rule "raa-cor:2")
8861  AOT_assume Indiscriminate([E!])
8862  AOT_hence 0: (x [E!]x  x [E!]x)
8863    using "≡dfE"[OF "prop-indis"] "&E" by blast
8864  AOT_hence x [E!]x  x [E!]x
8865    using "KBasic:13" "vdash-properties:10" by blast
8866  moreover AOT_have x [E!]x
8867    by (simp add: "thm-cont-e:3")
8868  ultimately AOT_have x [E!]x
8869    by (metis "vdash-properties:6")
8870  AOT_thus p & ¬p for p
8871    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
8872qed
8873
8874AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
8875proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]];
8876       rule "raa-cor:2")
8877  AOT_assume Indiscriminate(x ¬[E!]x])
8878  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
8879    using "≡dfE"[OF "prop-indis"] "&E" by blast
8880  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
8881    using "→E" "qml:1" "vdash-properties:1[2]" by blast
8882  moreover AOT_have x x ¬[E!]x]x
8883    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
8884    apply (rule "beta-C-meta"[THEN "→E"])
8885     apply "cqt:2"
8886    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2"
8887                           "o-objects-exist:5" "→E")
8888  ultimately AOT_have 1: x x ¬[E!]x]x
8889    by (metis "vdash-properties:6")
8890  AOT_hence x ¬[E!]x
8891    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
8892       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
8893  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
8894  moreover AOT_obtain a where abs_a: O!a
8895    using "∃E" "o-objects-exist:1" "qml:2"[axiom_inst] "→E" by blast
8896  ultimately AOT_have ¬[E!]a using "∀E" by blast
8897  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
8898  AOT_have A!a
8899    apply (rule "=dfI"(2)[OF AOT_abstract])
8900     apply "cqt:2[lambda]"
8901    apply (rule "β←C"(1))
8902      apply "cqt:2[lambda]"
8903    using "cqt:2[const_var]"[axiom_inst] apply blast
8904    by (fact 2)
8905  AOT_thus p & ¬p for p using abs_a
8906    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
8907qed
8908
8909AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
8910proof(rule "raa-cor:2")
8911  AOT_assume Indiscriminate(O!)
8912  AOT_hence 0: (x O!x  x O!x)
8913    using "≡dfE"[OF "prop-indis"] "&E" by blast
8914  AOT_hence x O!x  x O!x
8915    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8916  moreover AOT_have x O!x
8917    using "o-objects-exist:1" by blast
8918  ultimately AOT_have x O!x
8919    by (metis "vdash-properties:6")
8920  AOT_thus p & ¬p for p
8921    by (metis "o-objects-exist:3" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8922qed
8923
8924AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
8925proof(rule "raa-cor:2")
8926  AOT_assume Indiscriminate(A!)
8927  AOT_hence 0: (x A!x  x A!x)
8928    using "≡dfE"[OF "prop-indis"] "&E" by blast
8929  AOT_hence x A!x  x A!x
8930    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8931  moreover AOT_have x A!x
8932    using "o-objects-exist:2" by blast
8933  ultimately AOT_have x A!x
8934    by (metis "vdash-properties:6")
8935  AOT_thus p & ¬p for p
8936    by (metis "o-objects-exist:4" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8937qed
8938
8939AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
8940  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
8941
8942AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
8943  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
8944
8945AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
8946  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
8947
8948AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
8949  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
8950
8951AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
8952proof(rule "→I")
8953  AOT_assume p (F = y p])
8954  AOT_hence p (F = y p])
8955    by (metis "BF◇" "→E")
8956  then AOT_obtain p where (F = y p])
8957    using "∃E"[rotated] by blast
8958  AOT_hence F = y p]
8959    by (metis "derived-S5-rules:2" emptyE "id-nec:2" "→E")
8960  AOT_thus p(F = y p]) by (rule "∃I")
8961qed
8962
8963AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
8964proof(rule "→I")
8965  AOT_assume p (F  y p])
8966  AOT_hence (F  y p]) for p
8967    using "∀E" by blast
8968  AOT_hence (F  y p]) for p
8969    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2"
8970  AOT_hence p (F  y p]) by (rule GEN)
8971  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
8972qed
8973
8974AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
8975proof(rule "→I")
8976  AOT_assume p (F = y p])
8977  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
8978  AOT_hence (F = y p]) by (metis "id-nec:2" "→E")
8979  AOT_hence p(F = y p]) by (rule "∃I")
8980  AOT_thus p(F = y p]) by (metis Buridan "→E")
8981qed
8982
8983AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
8984proof(rule "→I")
8985  AOT_assume p (F  y p])
8986  AOT_hence p (F  y p]) by (metis "Buridan◇" "→E")
8987  AOT_hence (F  y p]) for p
8988    using "∀E" by blast
8989  AOT_hence F  y p] for p
8990    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2"
8991  AOT_thus p (F  y p]) by (rule GEN)
8992qed
8993
8994AOT_theorem "enc-prop-nec:1":
8995  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
8996proof(rule "→I"; rule GEN; rule "→I")
8997  fix F
8998  AOT_assume F (x[F]  p(F = y p]))
8999  AOT_hence F (x[F]  p(F = y p]))
9000    using "Buridan◇" "vdash-properties:10" by blast
9001  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
9002  AOT_assume x[F]
9003  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
9004  AOT_hence p(F = y p])
9005    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
9006  AOT_thus p(F = y p])
9007    using "prop-prop-nec:1"[THEN "→E"] by blast
9008qed
9009
9010AOT_theorem "enc-prop-nec:2":
9011  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
9012  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
9013  by blast
9014
9015(*<*)
9016end
9017(*>*)